Systems and methods for processing requests to send private postal mail to an inmate

ABSTRACT

A method and system for maintaining privacy in private postal mail, such as privileged or other legal postal mail or medical mail, at a correctional facility comprising a privacy verification system to verify a privacy status of a sender and generate privacy status identifiers to be used on the legal postal mail. The privacy status identifiers when scanned or observed at a mail processing facility that processes incoming mail sent to inmates who are incarcerated in a correctional facility provides an indication to the mail processing facility that the mail is private so that appropriate measures can be taken to maintain privacy status.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. Non-Provisional patentapplication Ser. No. 17/004,035, entitled “SYSTEMS AND METHODS FORPROCESSING REQUESTS TO SEND PRIVATE POSTAL MAIL TO AN INMATE” filed Aug.27, 2020, which is a continuation-in-part of U.S. Non-Provisional patentapplication Ser. No. 16/877,456 entitled “CORRECTIONAL INSTITUTION LEGALPOSTAL MAIL PROCESSING SYSTEM AND METHOD” filed May 18, 2020. Thatapplication claims priority to U.S. Non-Provisional patent applicationSer. No. 16/286,305 entitled “CORRECTIONAL INSTITUTION LEGAL POSTAL MAILPROCESSING SYSTEM AND METHOD,” filed Feb. 26, 2019, which issued as U.S.Pat. No. 10,659,630. The above referenced applications further claimpriority to U.S. Provisional Patent Application No. 62/634,975, filedFeb. 26, 2018, entitled “CORRECTIONAL INSTITUTION LEGAL POSTAL MAILPROCESSING SYSTEM AND METHOD”.

Each of the above referenced applications is hereby incorporated byreference in its entirety for all purposes.

BACKGROUND Field of the Art

The presently disclosed invention relates in general to the field ofpostal mail delivery, and in particular, to a system and method forproviding copies of postal mail to individuals incarcerated in acorrectional facility in a safe manner in order to ensure theelimination of any contraband, reduce administrative costs for thecorrectional facility, while still allowing for delivery of legal postalmail which is privileged and is intended to be viewable by the inmateonly, and not by the correctional facility staff or investigators.

This disclosure relates to systems and methods for tracking private mailthat is sent to a recipient at a correctional facility. Morespecifically, the inventive systems and methods help ensure that privatemail is delivered to the intended recipient with privacy intact.

DISCUSSION OF THE STATE OF THE ART

Methods for the delivery of postal mail and electronic mail to inmatesare known in the art. Procedures or methods for dispensing mail viatraditional postal systems have been described in U.S. Pat. No.5,917,925. Systems for using electronic messaging in institutions, suchas prisons, have been described in U.S. Pat. No. 7,502,451. A system andmethod for electronically delivering postal mail to inmates is describedin U.S. application Ser. No. 15/153,171. The foregoing patents andapplications are hereby incorporated herein by reference, in theirentirety. It is well known that legal postal mail is privileged and notsearched by the facility staff prior to delivery to the inmate whichprovides an opportunity for contraband to be transferred by way of legalpostal documents to inmates. This presents a problem for thecorrectional facility which needs to be resolved so inmates can receivelegitimate privileged legal postal mail without the possibility ofreceiving contraband material. However, the system and method disclosedin U.S. application Ser. No. 15/153,171 and the associated procedures ormethods do not adequately address the conversion of postal mail which isbeing sent to the inmate under the privileged legal postal mail categoryto electronic mail for the elimination of any contraband being deliveredto prison inmates, and U.S. application Ser. No. 15/153,17, thedisclosure of which is incorporated by reference in its entirety, doesnot address the processing of privileged legal postal mail that is notto be viewable by anyone other than the inmate, such as communicationsthat are marked and appear by their envelope to be from the inmate'sattorney. Embodiments of the presently disclosed invention address suchlimitations, inter alia, by providing an improved system and method fordelivery of mail identified as legal postal mail to inmates in acorrectional facility that allows for delivery of legal postal mail thatcan be viewed only by the inmate. The instant invention provides thecorrectional facility with greatly reduced likelihood that such legalpostal mail could also be used for transferring or transmission ofcontraband to the inmate.

Corrections facilities typically inspect mail that is sent to an inmateto ensure the safety of corrections officers and prisoners, and toprotect the integrity of the corrections system. Among other things,corrections facilities typically check for contraband, inappropriate orimpermissible messages and/or images, messages that encourage or inciteviolence and/or criminal activity, etc. Generally, all incoming andoutgoing “routine” mail is subject to opening and inspection by the jailstaff. Moreover, all incoming routine mail may be opened and digitizedin corrections facilities that permit prisoners to view their mail on acomputing device.

Private or confidential mail, however, represents a special class ofmail that, if intentionally opened for substantive review by anunintended recipient (whether by policy or otherwise), may compromiseits privacy/confidentiality. For example, legal postal mail orprivileged mail that is sent by an attorney to a client who is in acorrectional facility, may not be opened for review by prison staff ifprivilege is to be maintained. Although prison officials may be able tocheck legal postal mail for contraband, they must do so in the presenceof a prisoner who can confirm that the substance of the communication isnot being reviewed. Moreover, a prison system or a prison official mustobtain a warrant if they want to review the contents of mail that ispurportedly sent by an attorney, by, for example, demonstrating that itlikely contains material that will encourage or incite violence and/orcriminal activity. Because of these rules, some non-privileged sendersdisguise their mail as privileged or legal postal mail in order to sendinappropriate or prohibited communication or to send contraband.

Because of the special administrative rules for legal or privilegedmail, and because of the potential for abuses, this mail represents aproblem for correctional facilities that want to check mail forcontraband and/or digitize mail that is sent to a prisoner. And,although prison systems have made progress in improving mailcommunication by providing digital alternatives, privileged mail hasremained resistant to change because of the inherent technical, legal,and administrative challenges. Indeed, privileged mail is still handledin much the same way today as it was decades ago. Currently availablesolutions do not offer a way for correctional facilities to handleprivileged mail, technically process privileged mail within its updateddigitized infrastructure, or reduce the administrative costs associatedwith handling privileged mail.

SUMMARY

The present invention provides an apparatus, system and method foreliminating contraband in privileged legal postal mail delivered to acorrectional facility. The processing facility for receiving the mailcan either be at a central facility or located at the local correctionalfacility. Staff at a processing facility may receive postal mail forinmates which are located at many different facilities or are located atthe same location as the processing facility. Upon receipt at theprocessing facility, the postal mail may be reviewed for information.Such information may be addressee or recipient inmate information,sender information, institution information, or any other informationdiscoverable upon inspection, review or analysis of the postal mailwithout opening it. The staff determines that the mail containsprivileged legal postal mail by using the results of the inspection,review or analysis of the postal mail and comparing it to apredetermined protocol which assists the staff to correctly categorizethe mail as legal postal mail. The protocol may compare the sender witha known list, originator information, originating post office, courtinformation, attorney name, law firm designator or other information tothe information on the exterior of the postal mail.

If the postal mail meets the preset criteria for being privileged legalpostal mail it can then be separated from the other non-legal postalmail. Once information is retrieved from the mail, the information maybe associated with the intended recipient inmate, such as through aninmate identifier or email. The non-legal postal mail may then beprocessed by the appropriate method or protocol used by the processingfacility which may include scanning it to create an electronic copywhich may be stored, such as on a server which may be accessed over anetwork. The electronic copy of the non-legal postal may include any andall information obtained from the postal mail including its contents,and additional information such as whether contraband was found in thepostal mail.

The privileged legal postal mail may optionally be logged as having beenreceived, and then forwarded for delivery to the inmate without opening.The log can either be electronic or manual. If the processing facilityis outside the correctional facility, then the legal postal mail may bereceived at the processing facility and forwarded to the correctionalfacility. If the processing facility is in the correctional facility,then the legal postal may be logged there, without opening, and thenforwarded on to personnel at the correctional facility associated withthe inmate for delivery to the inmate.

Regardless if the processing facility is remote or located at thecorrectional facility when the privileged legal postal mail arrives atthe correctional facility associated with the inmate it may then bedelivered to the inmate using a legal postal mail scanning station whichis configured to process the legal postal mail to provide an appropriateinspection without violating the inmate's rights to privacy. The legalpostal mail delivery station can be configured to have equipment andsoftware which will provide for opening, scanning and delivering thescanned image copies in either printed copies or electronic copiesdepending on the desire of the inmate and institution. The legal postalmail delivery station could contain any combination of the followinghardware associated software, a copier, a shredder, a scanner, a scannershredder, a copier shredder, a tablet or other computer with memory,viewing software, printing software, portable storage medium dockingdevice such as, but not limited to a USB connector, CD burner andreader, a printer and a camera. The legal postal mail may then bedelivered to the inmate who, in front of correctional facility staff,will open the legal postal mail and copy it with the copier, or scan itwith the scanner, after which it is shredded or placed into a secureinmate property bag. In the case of scanning, a scanned image willeither be printed, loaded onto a portable storage medium or transmittedto a server for later viewing via an inmate messaging system. The legalpostal mail scanning station may be in a fixed location or may be on amobile cart.

The present invention utilizes a system and method for identifying,verifying, and processing private mail such as privileged or legalpostal mail that is sent to prisoners or inmates in a correctionalfacility and that enables prisoners to view digital versions of mail (orduplicated hard copies) while also preserving privacy, such as privilegestatus. The invention utilizes software to validate the privacy statusof senders, and provide the senders with a unique sender identifier. Theunique sender identifier may be used to generate unique mail identifiersthat may be attached to private mail. The unique mail identifiers maycomprise information about the sender, the recipient, date that theidentifier was generated and/or requested, etc.

The inventive systems and methods may be further utilized by acorrectional facility to specially process and handle private mail withattached unique mail identifiers. For example, privileged mail or legalpostal mail with unique mail identifiers may not be scanned or digitizedas other non-privileged mail or non-legal postal mail that is sent to aprisoner. Instead, the unique mail identifier may be used to deliver themail for additional special handling and/or processing. In someembodiments, the data associated with the unique mail identifier may beused to further determine whether the mail is appropriately designatedas private. Moreover, the data associated with the unique mailidentifier may be used to further determine whether the mail may belikely to contain contraband (such as pages that are soaked in or lacedwith drugs), and/or assess the likelihood that the mail may causeundesirable behaviors, such as inciting violence, etc.

The present invention enables private senders to send privatecommunication to prisoners at correctional facilities that allowincoming and/or outgoing communication via digitized or electronicformats. In such facilities/systems, the present invention minimizes therisk that private mail may be inadvertently opened/digitized in a mannerthat would impair or compromise privilege. Moreover, the presentlydisclosed systems and methods protect the integrity of the communicationsystems at a correctional facility by adding an additional layer ofverification to ensure that a sender is in fact permitted to sendprivate mail. The present invention also enables sophisticated analysis,which may be used to determine whether private mail is improperly markedas private, whether the private mail is likely to contain contraband,and/or whether the private mail may contain improper communication thatmay incite violence, improper coordinated action, contraband, etc.

BRIEF DESCRIPTION OF THE DRAWING FIGURES

The accompanying drawings illustrate several embodiments and, togetherwith the description, serve to explain the principles of the inventionaccording to the embodiments. It will be appreciated by one skilled inthe art that the particular arrangements illustrated in the drawings aremerely exemplary and are not to be considered as limiting of the scopeof the invention or the claims herein in any way.

FIG. 1 illustrates a schematic drawing of a cart providing a legalpostal mail delivery station for the processing of legal postal mail ina correctional facility;

FIG. 2 illustrates a flow chart of the processing of legal postal mailin an embodiment of a legal postal mail processing station utilizing acopier; and

FIG. 3 illustrates a flow chart of the processing of legal postal mailin an embodiment of a legal postal mail processing station utilizing aseamier, an electronic inmate messaging system, and an optional printer.

FIG. 4 illustrates embodiment of the invention that utilizes a legalpostal mail tracking device.

FIG. 5 illustrates a flow chart of the processing of legal postal mailin an embodiment of a legal postal mail processing station utilizing ascanner, an electronic inmate messaging system, and transmitting thescan image to a central database.

FIG. 6 illustrates a flow chart of the processing of legal postal mailreceived at a central processing facility in an embodiment of a legalpostal mail processing station utilizing a scanner, an electronic inmatemessaging system, and transmitting the scan image to a central database.

FIG. 7 illustrates, in accordance with an exemplary embodiment of theinvention, various elements of a system for processing and verifyingprivate mail that is sent to an inmate at a correctional facility.

FIG. 8 illustrates various elements of a mail verification system inaccordance with an exemplary embodiment of the invention.

FIG. 9 illustrates various elements of a correctional facility system inaccordance with an exemplary embodiment of the invention.

FIG. 10 illustrates a flowchart of an exemplary process for processingand verifying private mail that is sent to an inmate at a correctionalfacility.

FIG. 11 illustrates an exemplary computing device that supports anembodiment of the inventive disclosure.

FIG. 12 illustrates an exemplary standalone computing system thatsupports various embodiments of the inventive disclosure.

FIG. 13 illustrates one embodiment of the computing architecture thatsupports various embodiments of the inventive disclosure.

FIG. 14 illustrates an exemplary overview of a computer system thatsupports various embodiments of the inventive disclosure.

DETAILED DESCRIPTION

While various aspects and features of certain embodiments have beensummarized above, the following detailed description illustrates a fewexemplary embodiments in further detail to enable one skilled in the artto practice such embodiments. The described examples are provided forillustrative purposes and are not intended to limit the scope of theinvention.

In the following description, for the purposes of explanation, numerousspecific details are set forth in order to provide a thoroughunderstanding of the described embodiments. It will be apparent to oneskilled in the art, however, that other embodiments of the presentinvention may be practiced without some of these specific details.Several embodiments arc described herein, and while various features areascribed to different embodiments, it should be appreciated that thefeatures described with respect to one embodiment may be incorporatedwith other embodiments as well. By the same token, however, no singlefeature or features of any described embodiment should be consideredessential to every embodiment of the invention, as other embodiments ofthe invention may omit such features.

In this application the use of the singular includes the plural unlessspecifically stated otherwise, and use of the terms “and” and “or” isequivalent to “and/or,” also referred to as “non-exclusive or” unlessotherwise indicated. Moreover, the use of the term “including,” as wellas other forms, such as “includes” and “included,” should be considerednon-exclusive. Also, terms such as “element” or “component” encompassboth elements and components comprising one unit and elements andcomponents that comprise more than one unit, unless specifically statedotherwise.

A scanned image copy or scanned image or scan image are usedinterchangeably and is defined as a scan image of the legal postal mailand any associated materials including envelope, photographs, pictures,etc.

The term processing facility, central facility, mail processing facilityare used interchangeably and refer to a facility for receiving the mailand can either be at a central facility or located at the localcorrectional facility.

An inmate messaging system and email system are used interchangeably andmean a messaging system that is accessible by the inmate.

Correctional facility staff, correctional personnel, correctionalinstitution staff member, institution staff and institution personnelare used interchangeably and refer to individuals who work at thecorrectional institution.

Legal mail and legal postal mail are used interchangeably and refer tomail that cannot be viewed or processed by the correctional facilitystaff prior to delivery.

Portable computer, computer and tablet are used interchangeably andrefer to a computer attached to legal mail processing cart.

Wireless mobile telecommunications technology and wireless network areused interchangeably and refer to wireless internet communicationsystems which are commonly referred to as 1G, 2G, 3G, 3.5G, 4G 4.5G and5G networks

Correctional facility, correctional institution, institution andfacility are used interchangeably and refer to refer to a facility forhousing inmates.

Legal postal mail and legal mail and postal mail are usedinterchangeably and refer to postal mail containing legal communicationsfor an inmate. In addition, as described elsewhere in the specification,legal postal mail, legal mail and postal mail may refer to privatepostal mail that may be comprised of private communication such as mailcontaining or purporting to contain attorney-client privilegedcommunication, doctor-patient privileged communication, as well asothers, which will be apparent to a person of ordinary skill in the art.

Reference will now be made in detail to the embodiments of the presentlydisclosed invention, features of which are illustrated in theaccompanying drawings.

Postal mail is a federal right to U.S. citizens incarcerated in acorrectional facility within the United States. Postal mail, however,has been used to deliver inappropriate and illegal contraband, includingphotographs, pornography and illegal drugs, to inmates. While mostpostal mail can be searched for contraband before delivery to inmates,certain mail is considered privileged such as legal postal mail cannotbe viewed or processed by the correctional facility staff prior todelivery. Herein the term “legal postal mail” refers to mail thatcorrectional facility staff is not permitted to view by law, regulationor facility policy, and includes, without limitation, letters thatappear to have been sent by inmate's legal postal counsel. Whether ornot postal mail is to be treated as legal postal mail is determined byviewing information visible on the outside of the postal mail withoutopening it. The specific protocol used by the processing facility mayinclude comparing the sender with a known list, originator information,originating post office, court information, attorney name, law firmdesignator or other information to the information on the exterior ofthe postal mail.

While most legal postal mail is likely to be contraband-free,particularly when it is legitimate communications from legal postalcounsel, it is possible that some postal mail may be disguised as legalpostal mail in order to avoid pre-delivery inspection, or, in rarecases, that unscrupulous persons may include contraband in otherwiselegitimate legal postal mail (e.g. a personal note from a family memberthat has been treated in a way that can be used to deliver illegalpostal substances into the facility). There is, therefore, a need toallow legal postal mail to be delivered to inmates in a way thatcomplies with the inmate's rights, but also eliminates or greatlyreduces the likelihood of legal postal mail being a conduit forcontraband.

The present disclosure describes embodiments of systems and methods thatmeet this need in which legal postal mail is delivered to the inmate ata legal postal mail processing station. The legal postal mail processingstation can be either a fixed or mobile processing station. When a fixedstation is installed then the inmate must be taken to the location ofthe processing station. If the processing station is a mobile design,then the processing station is relocated to the inmate. In either casethe institution personnel log into the legal mail processing cartcomputer to initiate the process, then the legal postal mail is openedby the inmate in front of correctional facility staff and inserted intoa scanner or copier which is part of the processing station. If theprocessing station has a copier and that copier is used to replicate thelegal postal mail then the inmate is given the copies of the copieddocument and the inmate confirms that all the pages are readable anduseable prior to the corrections officer or inmate placing the legalpostal mail into the shedder for disposal of the original legal postalmail or into a secure inmate property bag for storage which eliminatesthe possibility of any contraband being transferred to the inmate. Ifthe legal postal mail is scanned at the legal postal mail processingstation then the scanned legal postal mail is then either printed orreviewed on a computer (herein the term “computer” refers to any devicecapable of displaying the scanned image or delivering such image to aninmate messaging system including, but not limited to a tablet computer,desktop computer or laptop, the computer being configured with memoryand electronic communication means-such as , but not limited to,Bluetooth®, Zigbee®, WiFi, 3G, 4G and 5G wireless mobiletelecommunications technology, radio frequency, telephonic modem signalsand wired ethernet). Once the inmate determines that the scan isaccurate, the original legal postal mail is deposited into a shredder orinto a secure inmate property bag for storage, which eliminates thepossibility of any contraband being transferred to the inmate. In theevent a printed copy was made, the printed copy will be contraband-freeand may be left with the inmate. In the event an electronic scan wasmade, it may be delivered to an inmate messaging system and flagged as aprivileged message such that the messaging system will allow it to beviewed only by the inmate and not by correctional facility staff. Athird option that is anticipated by the instant invention is where thelegal postal mail processing station is located at a central processingfacility and the inmate joins the opening process via videoconferencing. When this process is used then the inmate controls theopening and scanning of the mail and confirms that the mail has beenscanned accurately via the video conferencing method before thecorrectional facility staff is released by the inmate to shred the legalpostal mail or place the legal postal mail into their property storage.In certain embodiments non-legal postal mail processed at a centralfacility is also scanned and viewed by the inmate through the samemessaging system, as is described in the incorporated references. Incertain embodiments the opening and scanning process is recorded with acamera and the video is stored on the legal postal mail scanning stationor uploaded to a server where the record of the opening and scanning maybe retrieved and reviewed at a later time.

An alternate embodiment provides for a unique identifier for each pieceof legal postal mail. The identifier is placed on the legal postal mailonce it is identified by the staff as legal postal mail. This provides aunique identifier for the legal postal mail and insures that there isproper handling of the mail. The unique identifier could be in any formthat allows electronic tracking so that the mail is easily identifiableas legal postal mail. The following is a brief description of theprocess utilizing the unique identifier to track legal postal mailwithin the facility and insure that the mail is delivered expeditiouslyto the correct inmate. The process could utilize the following steps:

1) When legal postal mail has been identified at the mail receivingstation as legal postal mail it is assigned a unique identifier id whichhas a corresponding RFID and/or bar code. Alternatively, the institutioncould also use a Bluetooth®, LTE, WiFi or ZigBee® transmitter as theunique identifier and the address or id for that transmitter would beassociated with the particular piece of mail.

2) The unique identifier id is then associated with the legal postalmail 1 and the inmate identifier which is associated with the inmate whothe legal postal mail is addressed to by entering it in a legal postalcomputer tracking system which must be accessible from the legal postalmail processing cart.

3) The legal postal mail and the legal postal mail processing cart willbe taken to the inmate or if the legal postal mail processing cart isstationary the inmate will be brought to the legal postal mailprocessing cart.

4) The staff member logging into the mail scanning station usingcredentials to identify the staff member.

5) The staff member searching for the recipient inmate by name or IDnumber to associate the upcoming scan with the inmate's account;

6) The institution personnel will scan the legal postal mail uniqueidentifier and the inmate identifier and enter them into the legalpostal mail computer tracking system. The inmate identifier could be,but not limited to, facial recognition, RFID identity card, RFIDbracelet, Bluetooth® LTE, WI/FI or ZigBee® transmitter.

7) If the legal postal mail unique identifier and inmate identifier donot match, the mail will be returned to the mail receiving station forverification. If the unique identifier and the inmate identifier match,then the legal postal mail be opened by the inmate in front of theinstitution personnel.

8) legal postal mail will be scanned in front of the inmate by theinstitution personnel or by the inmate under the supervision of theinstitution personnel.

9) The inmate will compare the scanned legal postal mail and the legalpostal mail.

10) After the inmate concurs with the scan legal postal mail of thelegal postal mail the Bluetooth® LTE, WI/FI or ZigBee® transmitter, RFIDand/or bar-code, or other technology equivalent, may or may not beremoved by the institution staff and the mail will be bagged for storageor shredded.

11) The inmate will be provided access to the scan mail either throughusing their inmate identifier and the messaging system o a printed copyof scan.

FIG. 1 illustrates, in schematic form, an embodiment of a mobile legalpostal mail processing station in the form of legal postal mailprocessing cart 10 suitable for use in a correctional facility. Legalpostal mail processing cart is wheeled so that it may be moved bycorrectional facility staff so that it can be taken to the inmate'slocation, thereby avoiding the risks and complications of moving theinmate to a fixed legal postal mail processing station. Where moving theinmate is a viable option for the corrections facility, however, thesame basic configuration may be used in akiosk or station that is not ona mobile cart to create a fixed-location legal postal mail processingstation.

Legal postal mail processing cart 10 comprises scanner 20. Scanner 20may be a document scanner such as the Epson Workforce DS-510 ColorDocument Scanner. While any document scanner, may be used, in certainembodiments it is convenient for the scanner to be color (therebyallowing the scanning of communications that are not black and white)and to include a document feeder (either one-sided or two-sided) toenable automated scanning of multi-page communications. Optionally, itmay also be, or include, a single-page flatbed scanner, which may beused for materials of a size that cannot be read by a document feeder.Wireless communication capability may also be desirable to allow scanner20 to communicate with portable computer or tablet 30 (described below)without the need for cables.

Printer 40 may be any printer capable of printing the image captured byscanner 20. One possible printer that may be used is the HP LaserJet ProM452nw Wireless Color Printer, but it will be understood that many otherprinters may be used. Where mobility is needed, both scanner 20 andprinter 40 may be selected based on size and power usage needs. The lesspower required will result in a more robust system capable of processingmore documents prior to recharging of power supply 80 (described furtherbelow), and the smaller the size will result in a more mobile Legalpostal mail processing cart 10.

It will be understood that embodiments that do not require separatescanner 20 and printer 40 are also possible. For example, and withoutlimitation, scanning and printing could be combined in a singlemulti-function device such as, without limitation, a Brother MFC9325CWWireless Color Printer with Scanner, Copier & Fax, or simply a copier(not illustrated). One possible advantage of separating the scanner 20and printer 40 into separate devices is that they can be separatelycontrolled by a portable computer or tablet 30 such that the scannedimage copy can be processed by portable computer or tablet 30 prior to,or in lieu of, printing. While it is possible that portable computer ortablet 30 may also separately control the scanning and printing of asingle multi-function device, configuring it to control separate devicesmay reduce the likelihood that settings will be inadvertently changed onthe multifunction device which will result in a more seamlessimplementation. This is possible because multifunction devices ofteninclude user interfaces that allow the user to reset the deviceconfiguration, whereas single purpose devices may not have suchinterfaces, or may have simpler interfaces with fewer settings availablefor configuration on the device itself. It should be noted, however,that where no record of the scanned image copy is to be uploaded to aninmate messaging system, a simple copier or a multifunction device setto a copy mode may be sufficient.

Portable computer or tablet 30 may be any computer such as a laptopcomputer or tablet computer or a smartphone or similar device. While adesktop computer or terminal may be used, due to power requirements, atablet or laptop computer with an internal battery may be moreconvenient. One such tablet computer that may serve as portable computer30 is the Samsung Galaxy Tab S 10.5-Inch Tablet (16 GB, TitaniumBronze). But it is understood that other tablets and portable computingdevices may also be used. Portable computer 30 will preferably connectto scanner 20 and printer 40 wirelessly but may also optionally connectvia USB or similar cables.

In one embodiment portable computer 30 is specially programmed to serveat least two functions: authentication/logging and review. Theauthentication/logging function enables the correctional facility toidentify and log that a particular piece of legal postal mail 1 that isbeing delivered to an inmate. This may be done in a variety of waysincluding, without limitation, by the corrections officer entering theinmates name or identifier and receiving a list of pre-logged legalpostal mail 1 to be delivered, locating the appropriate postal mail, andindicating that it has been provided to the inmate. Alternatively, thecorrections personnel may simply enter the inmate name/identifyingnumber and indicate that legal postal mail 1 was delivered withouthaving had it pre-logged or selected from a list. As a still furtheralternative, the inmate may use optional fingerprint 60 or RFIDcard/wristband reader 61 that is operative connected with computer toidentify himself or herself, after which tablet/portable computer 30either displays a list of pre-logged legal postal mail 1 to be deliveredor allows the correctional facility staff to indicate that legal postalmail 1 is being delivered. Similarly, an optional camera 32 ontablet/portable computer 30 could be used to identify the inmate viafacial recognition, retinal scan or any other unique identifyingcharacteristic, in the same manner as optional fingerprint or RFIDcard/wristband reader 61. Theoretically one could use a DNA match toinsure the inmate's identity. Where portable computer or tablet 30 doesnot include optional camera 32, a separate camera 900 may be used. Thatseparate camera 900 may be any camera capable of communicating withportable computer or tablet 30, such as, without limitation, a LogitechHD Laptop Webcam C615 with Fold-and-Go Design, 360-Dcgrcc Swivel, 1080 pCamera.

The particular item of legal postal mail 1 being delivered may or maynot need to be specifically identified for logging purposes. If it does,then each item of legal postal mail 1 could be assigned a uniqueidentifier during pre-processing (which may or may not take the form ofa barcode sticker capable of being read by portable computer or tablet30 or a number printed or written on the outside of the postal mail, anRFID label, a Bluetooth® LTE, WiFi or ZigBee transmitter, or anytechnology equivalent. Alternatively, or in addition, the legal postalmail 1 may be photographed by portable computer 30 of the mail and/orthe inmate at the time of delivery to provide a record of what wasdelivered and what time it was delivered. The software on the computeror tablet 30 would be enabled to take the required pictures and storethem in the delivery record with the time and date stamp. Theauthentication/logging function may be completed by either storing theinformation in portable computer 30 for later printing or transfer toanother database or system, or by wirelessly transmitting suchinformation to a database or system such as an inmate messaging system,where it can be combined with other information previously gathered whenthe postal mail was initially processed.

For the review function, portable computer 30 may be speciallyprogrammed to trigger scanner 20 and receive an image from scanner 20.Alternatively, scanner 20 may be triggered independently and portablecomputer or tablet 30 may receive the scanned image copy. The inmatewill then review the scanned image copy and determine if the image isclear and complete, or if it needs to be re-scanned. Once the inmate hasconfirmed the image, he or she may optionally acknowledge the scan via asignature (e.g. with their finger on a touch screen of portable computer30), through facial recognition, or via optional fingerprint or RFIDcard/wristband reader 61 in the event the inmate refuses to acknowledge,the corrections personnel may note that refusal on portable computer 30at the time and initiate an override protocol to close the transaction.

For certain correctional facilities it may be preferred that thecorrectional facility staff have as little physical contact with thelegal postal mail 1 as possible, including for safety reasons orcompliance reasons. In such environments, logging and review functionsin one embodiment may be accomplished as follows:

a) an inmate would be asked to login to an inmate messaging system usingportable computer 30, just as the inmate would otherwise login toreceive messages. If the messaging system required a fingerprint or anRFID card/wristband to log in, then finger print or RFID card/wristbandscanner 60 would be used, or a scanner integrated into portable computer30 would be used. If login was by facial recognition, then camera 32 ora separate camera 900 could be used. Otherwise a password, PIN orpattern could be entered on portable computer 30, in the same manner inwhich the inmate would otherwise login to the messaging system.

b) The inmate would then open and scan or copy the legal postal mail 1,for example with scanner 20, as is otherwise described herein.Verification of the scan (via portable computer or tablet 30) or reviewof the printout would confirm that legal postal mail 1 had been properlyscanned. Since the scanning was done while the inmate was logged in, thescan would be associated with the inmate's account. The messaging systemwould record that it was legal postal mail 1 based on the user interfacepresented to the inmate for this process. The fact that inmatesotherwise do not typically upload scanned mail to the messaging systemis handled by the software on computer or tablet 30 so that it is notedand recorded that it is a legal postal mail transaction.

c) The inmate would then shred the legal postal mail 1 via shredder 70or place the legal postal mail into a secure property storage bag andlog out of the messaging system using portable computer or tablet 30.

Through this process, the messaging system records that legal postalmail 1 was delivered to that inmate at that time. The fact that theinmate was able to login to the messaging system identifies that thelegal postal mail 1 was delivered to the correct inmate. The loggingprocess is thereby accomplished with a minimal amount of work bycorrectional facility staff, and with a minimum of handling of the legalpostal mail 1. If the specific legal postal mail 1 delivered needs to beidentified, the envelope or packaging of the legal postal mail 1 couldbe scanned or uploaded via a photograph taken by portable computer 30.In such embodiments the messaging system may provide a simple,specialized user interface specific to the processing of legal postalmail 1 in the manner described.

It will be understood that portable computer 30 may be separated fromlegal postal mail processing cart 10 and handed to the inmate or may besecured to legal postal mail processing cart 10 in a position in whichthe inmate can view it easily, but corrections personnel cannot. Whereit is to be handed to the inmate, it may be disconnected (in which caseit will communicate wirelessly with other devices on legal postal mailprocessing cart 10) or may be connected to such devices with cables.Portable computer 30 may also, for security reasons, be attached tolegal postal mail processing cart 10 by a cable. In addition, it will beunderstood that optional fingerprint reader 60 may be any compatiblefingerprint scanner or RFID card/wristband reader, including withoutlimitation a fingerprint or RFID card/wristband scanner integrated intoportable computer 30.

Optionally, the legal postal mail processing cart 10 camera 32 or aseparate camera 900 could be used record the complete transaction usingcomputer or tablet 30 which would consist of opening legal postal mail1, scanning legal postal mail 1 contents and envelope, the verificationof the scan image copy by the inmate and the shredding of legal postalmail 1 by the inmate as a record of the mail being delivered andprocessed so the inmate can have access to the information contained inthe legal postal mail 1 communication. This feature could be used inaddition to the authentication/logging function or as a secondaryconfirmation step that the mail was appropriately delivered and copiedper the correctional facilities protocol. The video would be stored inthe appropriate correctional facilities database.

As has been noted, in certain embodiments, the legal postal mail 1 maybe printed on printer 40 and left with the inmate. In such embodiments,portable computer or tablet 30 need only provide theauthentication/logging function previously described or, if noauthentication/logging function is required, portable computer or tablet30 need not be included or used at all, as in the case of a copier-basedsystem as opposed to a scanner-based system.

Where a scanned image copy of the legal postal mail 1 is stored forlater access by the inmate on an inmate messaging system such as isdescribed in U.S. application Ser. No. 15/153,171, (the content in itsentirety is incorporated herein by reference), portable computer ortablet 30 may connect with a wireless network to transfer the data inreal time, or may store the data for later transfer via a network(wireless or wired ethernet), or via USB or similar hardware storagemedia. Where transmission via wireless network is used, portablecomputer or tablet 30 may include an internet wireless networkingcapability or may connect via an optional WiFi access point 70 (whichmay suitably be a NETGEAR R6080-100NAS-AC1000 Dual Band Wi-Fi Router orsimilar device). Alternatively, it may connect through a cellularhotspot device such as a Verizon MiFi Jetpack 4620L Verizon WirelessWi-Fi 4G LTE Hotspot Modem or similar device. Such devices can beconvenient where signal strength is not sufficient for portable computeror tablet 30 internal WiFi capability to communicate with thecorrectional facilities network, where portable computer or tablet 30 isnot WiFi capable, or where special security or network requirementsnecessitate the use of a separate wireless access point or router.

Once the legal postal mail 1 has been printed and/or scanned and stored,the inmate will dispose of the original copy of the legal postal mail 1by shredding it using shredder 70. The Royal Sovereign AFX-975 Auto FeedShredder, or any other appropriate shredder may be used. For securitypurposes, a confetti shredder is preferred to a strip shredder. Incertain embodiments a combined scanner/shredder may be used in which thedocuments are shredded immediately after scanning. Such embodimentsrequire the scanner 20 to be highly reliable, however, as scanningfailures cannot be corrected by re-scanning the document when it isshredded automatically. Having the inmate acknowledge receipt oraccurate scanning prior to shredding provides evidence of properdelivery of the legal postal mail.

An alternative to shredding the document would be for the inmate orstaff member to place the scanned legal postal mail into a secure inmateproperty bag for secure storage.

Power supply 80 may provide power to those components on legal postalmail processing cart 10 that do not use their own internal batteries,which will typically include printer 40, scanner 20, shredder 70 andWiFi access point 70. It will be understood that fingerprint 60 or RFIDcard/wristband reader 61 and a separate camera 900 could receive powerfrom either power supply 80 or directly from portable computer or tablet30 via a USB or similar cable.

Power supply 80 may be a single, integrated unit such as a MINUTEMANBP36RTXL (1164)-Extended Battery Pack or similar device or it maycomprise separate components depending on the power needs of the devicesin use. In either event power supply 80 will comprise a battery 84 and apower transformer or inverter 86 capable of meeting the powerrequirements (voltage and amperage) of the selected devices.

Shelving 90 may optionally be included as well to provide storage forthe legal postal mail 1 to be distributed and/or supplies such as paperand printer ink. For security purposes, it may be convenient to encloseshelving 90 in a locking cabinet.

Through this process, the inmate will either be able to view a secure,scanned image of the legal postal mail 1 on an inmate messaging systemor will have a paper copy of the legal postal mail 1. In either event,any contraband in the legal postal mail 1 will have been destroyed orrendered inaccessible by the shredding or property storage process.Where the scanned image copy is stored for display in the inmatemessaging system, portable computer or tablet 30 will transmit thescanned image copy with data and commands sufficient for it to be storedin a manner that the inmate messaging system will not allow it to bedisplayed to corrections facility personnel.

As is referenced above, it will be understood that the legal postal mailprocessing station may be either mobile as described in connection withthe description of legal postal mail processing cart 10 or a fixed kioskor station using similar components, but in a fixed location and withoutthe need of power supply 80. The legal postal mail processing stationmay also contain any of the following additional hardware and associatedsoftware viewing software 92, printing software 93, portable storagemedium docking device 91 such as USB connector or SD card reader andDVD/CD burner and reader 94.

FIG. 2 illustrates a method of using the system previously described, inwhich the inmate retains a paper copy of the legal postal mail 1. Instep 101 it is determined if logging is required.

In step 102 (corrections personnel log delivery on paper orelectronically) the corrections personnel may log the delivery of thelegal postal mail to the inmate on paper or using portable computer ortablet 30 (which need not be portable in the event a fixed kiosk orstation is used instead of a portable cart), and/or optional fingerprintor RFID card/wristband reader 60 as has been previously described.

Next the staff member logs in to the mail scanning station usingcredentials to identify the staff member. The staff member searches forthe recipient inmate by name or inmate identifier to associate thedocuments to be scanned with the inmate's account;

In step 103 provide legal postal mail 1 to inmate, the inmate isproximal to the processing cart 10, the legal postal mail is provided tothe inmate who opens and copies it in step 104 inmate opens and copieslegal postal mail 1. Here it is apparent that if only a paper copy isneeded a copier, or a multifunction device may be used in lieu ofseparate scanner 20 and printer 40. The inmate then verifies the copy instep 105 (copy 1) inmate verifies copy. If the inmate determines in step106 that the copy is not accurate or complete, a new copy is made instep 104 (copy 2) and the copy 1 can be shredded. The process can berepeated until a readable copy is created in step 104. If the copy 1 or2 is accurate, the inmate then shreds the legal postal mail step 107 andretains the copy which is now contraband free in step 108 and inmateretains copy.

Likewise, FIG. 3 illustrates a method of using the system previouslydescribed in which the legal postal mail 1 is scanned, and the scan isstored on an inmate messaging system. In step 201 (is logging required),it is determined if logging is required. This may be done as a matter ofinstitutional policy or as a matter of choice by correctional personnelon a unit-by-unit, or inmate-by-inmate basis. But it is likely that itwill be determined as a matter of institution policy. If so, in step 202(corrections personnel log delivery on paper or electronically) thecorrections personnel may log the delivery of the legal postal mail 1 tothe inmate on paper or using portable computer or tablet 30 (which neednot be portable in the event a fixed kiosk or station is used instead ofa portable cart), and/or optional fingerprint or RFID card/wristbandreader 60 as has been previously described. In step 203 (provide legalpostal mail 1 to inmate), the legal postal mail is provided to theinmate who opens and scans it in step 204 (inmate opens and copies legalpostal mail 1) using scanner 20 or a multifunction device (notillustrated) as previously described. The inmate then verifies thescanned image copy in step 205 (inmate verifies scanned image copy). Ifthe inmate determines in step 206 (is scanned image copy accurate) thatthe scanned image copy is not accurate or complete, a new scanned imagecopy is made in step 204. If allowed by the institution, the inmate maybe given an option in step 208 (inmate given option to print scannedimage copy) to print a copy of the scanned image copy and retain it. Ifthe inmate elects to do so, the scanned image copy can be printed byprinter 40 in step 209 (print copy) and retained. If the scan isaccurate or the inmate has printed the scanned image copy, the inmatethen shreds the original and step 207. In either event, portablecomputer or tablet 30 will have transmitted the scanned image copy ofthe legal postal mail 1 to an inmate messaging system that will allowthe inmate to view the scanned image copy at a later time in step 210(inmate views scanned image through messaging system). More informationabout the design and operation of an appropriate inmate messaging systemis available in U.S. application Ser. No. 15/153,171, previouslyincorporated by reference.

Referring to FIG. 4 which presents an alternate embodiment that utilizesa legal postal mail tracking device and which provides for a uniqueidentifier for each piece of legal postal mail. The identifier is placedon the legal postal mail once it is identified by the staff as legalpostal mail. This provides a unique identifier for the legal postal mailand insures that there is proper handling of the mail. The uniqueidentifier could be in any form that allows electronic tracking so thatthe mail is easily identifiable as legal postal mail. The following is abrief description of the process utilizing the unique identifier totrack legal postal mail within the facility and insure that the mail isdelivered expeditiously to the correct inmate. The process could utilizethe following steps:

1) When legal postal mail 1 has been identified at the mail receivingstation 500 as legal postal mail it is assigned a unique identifier id300 which has a corresponding RFID and/or bar code 310. Alternatively,the institution could also use a Bluetooth® LTE, WiFi or ZigBee®transmitter as the unique identifier and the address or id for thattransmitter would be associated with the particular piece of mail.

2) The unique identifier id 300 is then associated with the legal postalmail 1 and the inmate identifier which is associated with the inmate whothe legal postal mail 1 is addressed to by entering it in a legal postalcomputer tracking system 400 which must be accessible from the legalpostal mail processing cart.

3) The legal postal mail 1 and the legal postal mail processing cart 10will be taken to the inmate or if the legal postal mail processing cart10 is stationary the inmate will be brought to the legal postal mailprocessing cart 10.

4) The staff member logs in to the mail scanning station usingcredentials to identify the staff member.

5) The institution personnel will scan the mail unique identifier 300and the inmate identifier 350 and enter them into the legal postal mailcomputer tracking system. The inmate identifier 350 could be facialrecognition, RFID identity card, RFID bracelet, Bluetooth® LTE, WiFi orZigBee® transmitter.

6) If the legal postal mail unique identifier 300 and inmate identifier350 do not match the mail will be returned to the mail receiving station500 for verification. If the unique identifier 300 and the inmateidentifier 350 match, then the legal postal mail 1 will be opened by theinmate in front of the institution personnel.

7) The legal postal mail 1 will be scanned in front of the inmate by theinstitution personnel or by the inmate under the supervision of theinstitution personnel.

8) The inmate will compare the scanned mail 1510 and the legal postalmail 1.

9) After the inmate concurs with the scan mail 1510 of the legal postalmail 1 the Bluetooth® LTE, WiFi or ZigBee® transmitter, RFID and/or barcode can be removed by the institution staff if required by theinstitution protocol, else it can stay with the mail and the mail willbe bagged for storage or shredded.

10) The inmate will be provided access to the scanned mail 1510 eitherthrough using their inmate identifier and the messaging system of givena printed copy of scan mailed 1510.

Alternatively, the system can be simplified to consist of:

a) a copier;

b) a shredder;

c) a power supply;

all mounted on a portable cart of a fixed work station; whereincorrections personnel can provide legal postal mail to the inmate;wherein the inmate can copy the legal postal mail with the copier andthen shred the legal postal mail with the shredder and retain only thecopy of the legal postal mail.

Referring to FIG. 5 a flow chart of the processing of legal postal mailin an embodiment of a legal postal mail processing station utilizing ascanner, an electronic inmate messaging system, and transmitting thescan image to a central database for eliminating contraband in legalpostal mail for a correctional institution while retaining the privacyof legal mail comprises of the steps:

a. Receiving postal mail at the correctional facility and determiningthat it qualifies as legal mail Step 501;

b. Identifying mail information of each piece of legal postal mailcomprising recipient inmate name and inmate identifier Step 502 and;

c. Identifying legal postal mail sender Step 503;

d. At correctional institution verify that the recipient inmate name andinmate identifier are valid and are active, in-custody, and eligible toreceive legal postal mail Step 504;

e. If the inmate is not valid, has been released, transferred, or isotherwise unable to receive legal postal mail as addressed, it may bereturned to sender by the facility Step 505;

f. At institution using a legal postal mail scanning station for use bystaff member or the inmate under staff member supervision Step 506;

g. Legal mail scanning station comprising a scanner, a computer with afirst camera and display, a shredder, a second camera and a printer;staff member logging in to the mail scanning station using credentialsto identify the staff member Step 507.

h. Staff member searching for recipient inmate by name or inmateidentifier to associate the documents to be scanned with inmate'saccount Step 508;

i. Provide legal postal mail to inmate identified by inmate identifierat inmate institution, inmate being proximal to mail scanning stationand said first camera recording a picture of said inmate Step 509;

j. Inmate or staff member entering the name of the sender from legalmail Step 510;

k. Second camera begins to record a video of the scanning process Step511;

l. Inmate opening the legal mail associated with the recipient inmatename and the inmate identifier Step 512;

m. Inmate scanning legal mail using a scanner attached to computer onmail delivery station to create a scanned image copy 1 for review and ona computer attached to the scanner Step 513;

n. Inmate verifying that scanned image copy 1 from computer on maildelivery station is readable Step 522;

o. If scanned image copy 2 is not readable Step 522 then inmate deletesscanned image copy 1 Step 514, inmate rescans Step 515 the legal mailusing the scanner to create a scanned image copy 1, inmate repeats stepsm and n until scan copy 1 is readable;

p. If the scanned image copy 1 is readable then the inmate approves thescan and stores the scanned image copy 1 Step 516 on computer memoryattached to the scanner on the mail scanning station as scan image copy;

q. The video recorded by the second camera of steps 511-516 beinguploaded to a central server for storage and later retrieval Step 517;

r. The inmate printing scan image copy Step 518;

s. The inmate shredding legal mail Step 519;

t. Transmitting scanned image copy and storing scanned image copy usingan electronic transmission method from the computer on legal postal mailscanning station to recipient inmate via institution messaging system,inmate being identified in messaging system by inmate identifier Step520;

u. wherein the risk of recipient inmates receiving contraband in legalmail is essentially eliminated Step 521.

The second camera and the steps associated with the second camera areoptional and some correctional institutions will not use or have asecond camera to record videos of the inmate opening and scanning legalpostal mail.

The electronic transmission method can be selected from the groupconsisting of, but not limited to, Bluetooth®, Zigbee®, WiFi, 3G, 4 Gand 5 G wireless mobile telecommunications technology, radio frequency,telephonic modem signals and wired ethernet internet.

The legal mail scanning station is configured such that the computer isadapted to store a log of the delivery and copying of the legal postalmail.

Once the legal postal mail has been scanned and transmitted to theinmate messaging system the inmate can then access the scanned legalmail using the inmate messaging system. In most cases the access to thescanned legal mail will require the inmate to enter a second,additional, or different password, or use biometrics such as an irisscan, fingerprint scan or facial recognition, to enable access to thecopy of legal mail delivered through the inmate messaging system. Theinmate messaging system can be any of the following electronic accesssystems as an email system, electronic kiosk, tablet computer, computersystem or messaging system.

Referring to FIG. 6 a flow chart of the processing of legal postal mailreceived at a central processing facility using an embodiment of a legalpostal mail processing station utilizing a scanner, an electronic inmatemessaging system, and transmitting the scan image to a central databasefor eliminating contraband in legal postal mail for a correctionalinstitution while retaining the privacy of legal mail comprises of thesteps:

a. Receiving postal mail at the processing facility and determining thatit qualifies as legal mail Step 600;

b. Separate legal postal mail from non-legal postal mail and place legalpostal mail in legal postal mail queue and place non-legal postal mailin non-legal postal mail queue, separating legal postal mail queue bycorrectional institution, and sending the legal postal mail to eachcorrectional institution Step 601;

c. At the correctional institution identifying mail information of eachpiece of legal postal mail comprising recipient inmate name and inmateidentifier Step 602 and;

d. Identifying legal postal mail sender Step 603;

e. At correctional institution verify that the recipient inmate name andinmate identifier are valid and are active, in-custody, and eligible toreceive legal postal mail Step 604;

f. If the inmate is not valid, has been released, transferred, or isotherwise unable to receive legal postal mail as addressed, it may bereturned to sender by the facility Step 605;

g. At institution using a legal postal mail scanning station for use bystaff member or the inmate under staff member supervision Step 606;

h. Legal mail scanning station comprising a scanner, a computer with afirst camera and display, a shredder, a second camera and a printer;staff member logging in to the mail scanning station using credentialsto identify the staff member Step 607.

i. Staff member searching for recipient inmate by name or inmateidentifier to associate the documents to be scanned with inmate'saccount Step 608;

j. Provide legal postal mail to inmate identified by inmate identifierat inmate institution, inmate being proximal to mail scanning stationand said first camera recording a picture of said inmate Step 609;

k. Inmate or staff member entering the name of the sender from legalmail Step 610;

l. Second camera begins to record a video of the scanning process Step611;

m. Inmate opening the legal mail associated with the recipient inmatename and the inmate identifier Step 612;

n. Inmate scanning legal mail using a scanner attached to computer onmail delivery station to create a scanned image copy 1 for review and ona computer attached to the scanner Step 613;

o. Inmate verifying that scanned image copy 1 from computer on maildelivery station is readable Step 622;

p. If scanned image copy 1 is not readable Step 622 then inmate deletesscanned image copy 1 Step 614, inmate rescans Step 615 the legal mailusing the scanner to create a scanned image copy 1, inmate repeats stepso and p until scan copy 1 is readable;

q. If the scanned image copy 1 is readable then the inmate approves thescan and stores the scanned image copy 1 Step 616 on computer memoryattached to the scanner on the mail scanning station as scan image copy;

r. The video recorded by the second camera of steps 611-616 beinguploaded to a central server for storage and later retrieval Step 617;

s. The inmate printing scan image copy Step 618;

t. The inmate shredding legal mail Step 619;

u. Transmitting scanned image copy and storing scanned image copy usingan electronic transmission method from the computer on legal postal mailscanning station to recipient inmate via institution messaging system,inmate being identified in messaging system by inmate identifier Step620;

v. wherein the risk of recipient inmate receiving contraband in legalmail is essentially eliminated Step 621.

The second camera and the steps associated with the second camera areoptional and some correctional institutions will not use or have asecond camera to record videos of the inmate opening and scanning legalpostal mail.

The electronic transmission method can be selected from the groupconsisting of, but not limited to, Bluetooth®, Zigbee®, WiFi, 3G, 4G and5G wireless mobile telecommunications technology, radio frequency,telephonic modem signals and wired ethernet internet.

The legal mail scanning station is configured such that the computer isadapted to store a log of the delivery and copying of the legal postalmail.

Once the legal postal mail has been scanned and transmitted to theinmate messaging system the inmate can then access the scanned legalmail using the inmate messaging system. In most cases the access to thescanned legal mail will require the inmate to enter a second,additional, or different password, or use biometrics such as an irisscan, fingerprint scan or facial recognition, to enable access to thecopy of legal mail delivered through the inmate messaging system. Theinmate messaging system can be any of the following electronic accesssystems as an email system, electronic kiosk, tablet computer, computersystem or messaging system.

The inventive system and method (hereafter sometimes referred to moresimply as “system” or “method”) described herein identifies and tracksprivate mail in a correctional facility, such as legal postal mail, alsoreferred to herein as legal mail, privileged mail, medical related mail,or other mail where privacy should be retained. Specifically, theinvention utilizes software to validate senders and provide them withunique identification numbers for each piece of private mail they sendto a correctional facility. The senders receive unique identifiers foreach piece of private mail which contain information about the senderand recipient. The unique identifier is affixed to the outside of themail. When the labeled mail is received by the correctional facility,the correctional facility can use the label to validate the mail. Oncethe correctional facility determines that the mail is validated, it doesnot need to be opened in front of the inmate and can be distributed tothe inmate sealed. The inventive system described herein reduces thetime senders take to mail private mail to their recipients incorrectional facilities, limits delivery errors, retains informationabout mail used in corrections facilities, and ensures privacy ismaintained for communications between sender and recipient/inmate.

One or more different embodiments may be described in the presentapplication. Further, for one or more of the embodiments describedherein, numerous alternative arrangements may be described; it should beappreciated that these are presented for illustrative purposes only andare not limiting of the embodiments contained herein or the claimspresented herein in any way. One or more of the arrangements may bewidely applicable to numerous embodiments, as may be readily apparentfrom the disclosure. In general, arrangements are described insufficient detail to enable those skilled in the art to practice one ormore of the embodiments, and it should be appreciated that otherarrangements may be utilized and that structural, logical, software,electrical and other changes may be made without departing from thescope of the embodiments. Particular features of one or more of theembodiments described herein may be described with reference to one ormore particular embodiments or figures that form a part of the presentdisclosure, and in which are shown, by way of illustration, specificarrangements of one or more of the aspects. It should be appreciated,however, that such features are not limited to usage in the one or moreparticular embodiments or figures with reference to which they aredescribed. The present disclosure is neither a literal description ofall arrangements of one or more of the embodiments nor a listing offeatures of one or more of the embodiments that must be present in allarrangements.

Headings of sections provided in this patent application and the titleof this patent application are for convenience only and are not to betaken as limiting the disclosure in any way.

Devices that are in communication with each other need not be incontinuous communication with each other, unless expressly specifiedotherwise. In addition, devices that are in communication with eachother may communicate directly or indirectly through one or morecommunication means or intermediaries, logical or physical.

A description of an aspect with several components in communication witheach other does not imply that all such components are required. To thecontrary, a variety of optional components may be described toillustrate a wide variety of possible embodiments and in order to morefully illustrate one or more embodiments. Similarly, although processsteps, method steps, algorithms or the like may be described in asequential order, such processes, methods and algorithms may generallybe configured to work in alternate orders, unless specifically stated tothe contrary. In other words, any sequence or order of steps that may bedescribed in this patent application does not, in and of itself,indicate a requirement that the steps be performed in that order. Thesteps of described processes may be performed in any order practical.Further, some steps may be performed simultaneously despite beingdescribed or implied as occurring non-simultaneously (e.g., because onestep is described after the other step). Moreover, the illustration of aprocess by its depiction in a drawing does not imply that theillustrated process is exclusive of other variations and modificationsthereto, does not imply that the illustrated process or any of its stepsare necessary to one or more of the embodiments, and does not imply thatthe illustrated process is preferred. Also, steps are generallydescribed once per aspect, but this does not mean they must occur once,or that they may only occur once each time a process, method, oralgorithm is carried out or executed. Some steps may be omitted in someembodiments or some occurrences, or some steps may be executed more thanonce in a given aspect or occurrence.

When a single device or article is described herein, it will be readilyapparent that more than one device or article may be used in place of asingle device or article. Similarly, where more than one device orarticle is described herein, it will be readily apparent that a singledevice or article may be used in place of the more than one device orarticle.

The functionality or the features of a device may be alternativelyembodied by one or more other devices that are not explicitly describedas having such functionality or features. Thus, other embodiments neednot include the device itself.

Techniques and mechanisms described or referenced herein will sometimesbe described in singular form for clarity. However, it should beappreciated that particular embodiments may include multiple iterationsof a technique or multiple instantiations of a mechanism unless notedotherwise. Process descriptions or blocks in figures should beunderstood as representing modules, segments, or portions of code whichinclude one or more executable instructions for implementing specificlogical functions or steps in the process. Alternate implementations areincluded within the scope of various embodiments in which, for example,functions may be executed out of order from that shown or discussed,including substantially concurrently or in reverse order, depending onthe functionality involved, as would be understood by those havingordinary skill in the art.

Generally, in accordance with one exemplary embodiment of the inventivesystem, a sender who wishes to send private mail to an inmate, maylog-into or register for a private sender account using his or her userdevice(s). As used herein, a sender could be anyone who wishes to sendprivate mail, including, for example, but not limited to an attorney, arepresentative of an attorney, a medical professional, etc. The term“sender” generally refers to anyone who may wish to send private mail toan inmate at a correctional facility. Moreover, the terms “prisoner” and“inmate” are used synonymously here and generally refer to anyone whomay be incarcerated or temporarily housed in a limited access system.The terms “prison” and “correctional facility” are also usedsynonymously and not intended to be limiting; they refer generally toany detention center that houses individuals in connection with theapplicable criminal process and criminal justice system, and includes,but is not limited to federal, state, and local agency facilities.Private mail, as used herein, refers generally to any type of mailintended or purported to contain private communication and may have somerestrictions around who may view the communication. Private postal mailincludes—but is not limited to—attorney-client privileged communication,doctor-patient confidential communication, and the like. As describedabove private postal mail may also be referred to as as private mail,legal postal mail, legal mail, privileged mail, etc.

The mail system may register the sender after the sender's privacystatus is verified (i.e. the sender's ability to send private postalmail is verified). For example, if the sender is an attorney, the mailsystem may verify the attorney's identity and/or verify the attorney'sability to send legal postal mail by, for example, querying a state bardatabase. Once verified, the mail system may generate a profile for thesender along with authentication data such as a username and password.The sender may then, subsequently, use the authentication data to obtaina unique mail identifier that can be affixed to private postal mail. Theunique mail identifier may be comprised of additional data that,separately and/or collectively, may be used by a correctional facilityto sort private postal mail and to ensure that privacy remains intactregardless of the processing and/or digitization system that is used.Additionally, the mail identifier may be used to perform additionalchecks to aid in identifying instances when private postal mail is sentby someone other than the sender who has registered with the mailsystem, and/or when private postal mail may likely include communicationthat is causing or promoting criminal acts.

Now referring to FIG. 7, which illustrates a system architectureembodying the present invention—it may be comprised of a privacyverification system 101 (which may be further comprised of a senderverification engine 202 and privacy status indication generator 204),verification agency 102, database(s) 103, facility mail system 108(which may be further comprised of digitization system 302, contrabandactivity detection system 308, fraud detection system 306), userdevice(s) 110, and network 150. The various components enable a senderto send private postal mail, and enable verification and additionalanalysis to ensure that privacy remains intact and/or mail is notimproperly used to conduct or promote criminal activity. The variouscomputing devices described herein are exemplary and for illustrationpurposes only. The system may be reorganized or consolidated, asunderstood by a person of ordinary skill in the art, to perform the sametasks on one or more other servers or computing devices withoutdeparting from the scope of the invention. For example, the system maybe a stand-alone system or fully or partially integrated into the legalpostal mail processing station discussed above.

The privacy verification system 101, in accordance with an embodiment ofthe invention, verifies the identity of the sender and/or verifies theprivacy status of the sender (i.e. determine whether the sender can sendprivate postal mail (i.e. whether the sender has theoretical ability tosend private postal mail). In one embodiment, the privacy verificationsystem 101 receives information about the sender from a user device 110and/or from other sources related to the user's device 110 such as theuser's IP address, etc. More specifically, as described in greaterdetail below, the privacy verification system 101 may be comprised of asender verification engine 202 that may verify whether the sender ispermitted to send private postal mail. A variety of differentverification methodologies may be used, as would be apparent to a personof ordinary skill in the art, without departing from the scope of theinvention, including, but not limited to determining whether the senderprovided information matches information that may be available in one ormore other databases 103 and/or as verified by a verification agency102, etc.

Additionally, as described in greater detail below, the privacyverification system 101 may be comprised a privacy status indicationgenerator 204, which verifies whether the sender is permitted to sendprivate postal mail and generate an identifier that, when affixed tomail, signals that a piece of mail should be treated as private by, forexample, a correctional facility. A variety of identifiers may begenerated, as would be apparent to a person of ordinary skill in theart, without departing from the scope of the invention, including, butnot limited to QR codes, bar codes, etc.

The database(s) 103, in accordance with an embodiment of the invention,may be comprised of data that may be associated with a sender (e.g. asender who is permitted to send private communication such as anattorney or medical professional). A variety of different public and/orprivate databases may be used, including, but not limited to, forexample, state bar databases, federal and state court databases, federalbar databases, medical professionals databases, department of motorvehicles database, etc. In one embodiment, the privacy verificationsystem may query the database(s) 103 to aid in determining whether thesender is in fact permitted to send private postal mail. In otherembodiments, the database(s) 103 may push data to the privacyverification system 101, which enables the privacy verification system101 to determine whether the sender is permitted to send private postalmail.

In one embodiment, a verification agency 102 may provide verificationservices, which enable the privacy verification system 101 to determinewhether a sender is permitted to send private postal mail. Averification agency 102 may maintain one or more databases and/or querydatabase(s) 103. Moreover, the verification agency 102 may employ humanreviewers to ensure that the sender is permitted to send private postalmail. In one embodiment, the verification agency 102 may provide theverification results to the privacy verification system 101.

If a sender's privacy status is verified, the privacy verificationsystem 101 may generate a privacy identifier that, if affixed to apostal mail, may indicate that a piece of mail should be treated asprivate. The term affixed, as used herein, is used generally and doesnot require physical adherence; rather, any method of transferring theidentifier and/or information associated with the identifier, may beused without departing from the scope of the invention, including, forexample, printing the identifier on a postal mail envelope, writing theidentifier on a postal mail envelope, stamping the identifier on apostal mail envelope, etc. In one embodiment, the privacy verificationsystem 101 may record various data associated with the identifier,including, for example, date and/or time that the identifier wasgenerated, location of computing device from where the identifier wasrequested, etc.

If a privacy identifier is detected, the facility mail system 108 mayperform some additional processing to ensure that privacy remainsintact. Generally, facility mail system 108 refers to a mail handlingsystem that is associated with a correctional facility. The facilitymail system 108 may be operated by the correctional facility staffand/or may be operated by a vendor and/or a group of vendors thatprocess mail for correctional facility. In one embodiment, the facilitymail system 108 employs a digitization system 302 for digitizingcontents of mail and enabling inmates to view digital versions of mailsent to them. Generally, digital mail is a preferred method for enablinginmates to view postal mail because it reduces the risk that contrabandthat is placed or hidden within postal mail may be delivered to theinmate. The presence of a privacy identifier on private postal mailsignals to the facility mail system 108 that the mail should not beopened and its contents should not be digitized in an effort to maintainprivacy on the mail.

In one embodiment, the facility mail system 108 may perform someadditional processing when private postal mail with an identifier isreceived. Generally, the fraud detection system 306 may performadditional processing to help determine whether a sender may bedisguising non-private postal mail as private postal mail. In oneembodiment, the contraband activity detection system 308 may identifythe likelihood that private postal mail may be used to commit a crime orincite violence. As illustrated in FIGS. 2 and 3, the fraud detectionsystem 306 and the contraband activity detection system 308 may beembodied in the privacy verification system 101 and/or the facility mailsystem 108.

User device(s) 110 refers to a computing device that may be used by asender to initiate the process of designating postal mail as private. Asdescribed herein, the user device 110 may be used to register for anaccount and provide verification information. Moreover, the user device110 may be used to obtain a privacy identifier that may be included withpostal mail. User device(s) 110 may generally include any computingdevice that is capable of transmitting and/or receiving data over anetwork 150. Data may be collected from user devices 110, and datarequests may be initiated from each user device 110. User device(s) 110may be a server, a desktop computer, a laptop computer, a tabletcomputing device, personal digital assistant (PDA), an in- or out-of-carnavigation system, a smart phone or other cellular or mobile phone, ormobile gaming device, among other suitable computing devices. Userdevices 110 may execute one or more client/user applications, such as aweb browser (e.g., Microsoft Windows Internet Explorer, Mozilla Firefox,Apple Safari, Google Chrome, and Opera, etc.), or a dedicatedapplication to submit user data, or to make prediction queries over anetwork 150.

In particular embodiments, each user device 110 may be an electronicdevice including hardware, software, or embedded logic components or acombination of two or more such components and capable of carrying outthe appropriate functions implemented or supported by the user device110. For example, and without limitation, a user device 110 may be adesktop computer system, a notebook computer system, a netbook computersystem, a handheld electronic device, or a mobile telephone. The presentdisclosure contemplates any user device 110. A user device 110 mayenable a network user at the user device 110 to access a network 150. Auser device 110 may enable its user to communicate with other users atother user devices 110.

A user device 110 may have a web browser, such as MICROSOFT INTERNETEXPLORER, GOOGLE CHROME or MOZILLA FIREFOX, and may have one or moreadd-ons, plug-ins, or other extensions, such as TOOLBAR or YAHOOTOOLBAR. A user device 110 may enable a user to enter a Uniform ResourceLocator (URL) or other address directing the web browser to a server,and the web browser may generate a Hyper Text Transfer Protocol (HTTP)request and communicate the HTTP request to server. The server mayaccept the HTTP request and communicate to the user device 110 one ormore Hyper Text Markup Language (HTML) files responsive to the HTTPrequest. The user device 110 may render a web page based on the HTMLfiles from a server for presentation to the user. Alternatively, aRepresentational State Transfer (REST or REST API) may be used as thepreferred data transfer mechanism. The present disclosure contemplatesany suitable web page files. As an example, and not by way oflimitation, web pages may render from HTML files, JavaScript ObjectNotation (JSON) files or Extensible Markup Language (XML) files,according to particular needs. Such pages may also execute scripts suchas, for example and without limitation, those written in JAVASCRIPT,JAVA, combinations of markup language and scripts, and the like. Herein,reference to a web page encompasses one or more corresponding web pagefiles (which a browser may use to render the web page) and vice versa,where appropriate.

The user device 110 may also include an application that is loaded ontothe user device 110. The application obtains data from the network 150and displays it to the user within the application interface.

Exemplary user devices 110 are illustrated in some of the subsequentfigures provided herein. This disclosure contemplates any suitablenumber of user devices, including computing systems taking any suitablephysical form. As example and not by way of limitation, computingsystems may be an embedded computer system, a system-on-chip (SOC), asingle-board computer system (SBC) (such as, for example, acomputer-on-module (COM) or system-on-module (SOM)), a desktop computersystem, a laptop or notebook computer system, an interactive kiosk, amainframe, a mesh of computer systems, a mobile telephone, a personaldigital assistant (PDA), a server, or a combination of two or more ofthese. Where appropriate, the computing system may include one or morecomputer systems; be unitary or distributed; span multiple locations;span multiple machines; or reside in a cloud, which may include one ormore cloud components in one or more networks. Where appropriate, one ormore computing systems may perform without substantial spatial ortemporal limitation one or more steps of one or more methods describedor illustrated herein. As an example, and not by way of limitation, oneor more computing systems may perform in real time or in batch mode oneor more steps of one or more methods described or illustrated herein.One or more computing systems may perform at different times or atdifferent locations one or more steps of one or more methods describedor illustrated herein, where appropriate.

Network cloud 150 generally represents a network or collection ofnetworks (such as the Internet or a corporate intranet, or a combinationof both) over which the various components illustrated in FIG. 7(including other components that may be necessary to execute the systemdescribed herein, as would be readily understood to a person of ordinaryskill in the art) may be connected and may communicate with each other.In particular embodiments, network 150 is an intranet, an extranet, avirtual private network (VPN), a local area network (LAN), a wirelessLAN (WLAN), a wide area network (WAN), a metropolitan area network(MAN), a portion of the Internet, or another network 150 or acombination of two or more such networks 150. One or more links connectthe systems and databases described herein to the network 150. Inparticular embodiments, one or more links each includes one or morewired, wireless, or optical links. In particular embodiments, one ormore links each includes an intranet, an extranet, a VPN, a LAN, a WLAN,a WAN, a MAN, a portion of the Internet, or another link or acombination of two or more such links. The present disclosurecontemplates any suitable network 150, and any suitable link(s) forconnecting the various systems and databases described herein.

In particular embodiments, each system or engine may be a unitary serveror may be a distributed server spanning multiple computers or multipledatacenters. Systems, engines, or modules may be of various types, suchas, for example and without limitation, web server, news server, mailserver, message server, advertising server, file server, applicationserver, exchange server, database server, or proxy server. In particularembodiments, each system, engine or module may include hardware,software, or embedded logic components or a combination of two or moresuch components for carrying out the appropriate functionalitiesimplemented or supported by their respective servers. For example, a webserver is generally capable of hosting websites containing web pages orparticular elements of web pages. More specifically, a web server mayhost HTML files or other file types, or may dynamically create orconstitute files upon a request, and communicate them to users devicesor other devices in response to HTTP or other requests from usersdevices or other devices. A mail server is generally capable ofproviding electronic mail services to various user devices or otherdevices. A database server is generally capable of providing aninterface for managing data stored in one or more data stores.

In particular embodiments, one or more data storages may becommunicatively linked to one or more servers via one or more links. Inparticular embodiments, data storages may be used to store various typesof information. In particular embodiments, the information stored indata storages may be organized according to specific data structures. Inparticular embodiment, each data storage may be a relational database.Particular embodiments may provide interfaces that enable servers orclients/users to manage, e.g., retrieve, modify, add, or delete, theinformation stored in data storage.

The system may also contain other subsystems and databases, which arenot illustrated in FIG. 1, but would be readily apparent to a person ofordinary skill in the art. For example, the system may include databasesfor storing data, storing features, storing outcomes (training sets),and storing models. Other databases and systems may be added orsubtracted, as would be readily understood by a person of ordinary skillin the art, without departing from the scope of the invention.

Now referring to FIG. 8, which illustrates elements of the privacyverification system 101 in accordance with an embodiment of theinvention. The privacy verification system 101 verifies the identity ofa sender and generates a unique identifier for each piece of privatepostal mail that a sender wishes to send to an inmate at a correctionalfacility. In one embodiment, the privacy verification system 101 may becomprised of sender device interface 201 (which may be further comprisedof data request module 212, sender database 214, and senderauthentication system 216), sender verification engine 202 (which may befurther comprised of a query system 224, agency interface 226, andrelationship analyzer 228), privacy status indication generator 204,fraud detection system 306, and contraband activity detection system308. Although, these components are depicted as subcomponents of therespective sender verification interface 226 or sender verificationengine 202, they could also be separate, individual components, as wouldbe readily understood by one of ordinary skill in the art.

The sender device interface 201 interfaces with the user device 110,which may be connected to the privacy verification system 101 via anetwork 150 to enable a sender to log into the system and generate anidentifier that may be associated with the sender's private postal mail.The data request module 212 may request sender verification data fromthe sender that may be necessary to verify the sender's status assomeone who is permitted to send private postal mail. In one embodiment,the data request module 212 may request information types based onselections and/or information provided by the sender. For example, if asender provides that he or she is associated with an attorney, the datarequest module 212 may request the attorney's bar number and stateinformation (i.e. the state in which the sender is permitted to practicelaw). Similarly, if a sender provides that he or she is associated witha medical practitioner, the data request module 212 may request themedical practitioner's license number or the like. In other instances,the data request module 212 may request the attorney's law firm name, ifapplicable, professional and/or personal address, email address, etc. Inone embodiment, the sender verification data may be used to verify thesender's theoretical ability to send private communication to arecipient. In one embodiment, the data request module 212 may requestand obtain secondary sender data, which may be comprised of, forexample, intended recipient information, metadata information associatedwith the request to send private postal mail, date and/or timeassociated with the request, etc.

The information provided by the sender may be stored in a senderdatabase 214. For example, the sender's name, address, bar number, statebar information, and other relevant information may be logged into thesender database 214. In one embodiment, other information, which is alsoreferred to as secondary sender data may be obtained, which may includemetadata associated with the sender's request to send private postalmail, IP address of the sender's user device, unique identifier of thesender's user device 110, geo-location or approximate location of thesender's user device 110, the date and time of the request, the name ofthe intended recipient, etc. may also be recorded in the sender database214. In one embodiment, the secondary sender data may be used to performadditional downstream analysis that is described in greater detailbelow.

The sender authentication system 216 generates a user profile forsenders who are verified to be able to send private postal mail. In oneembodiment, the sender authentication system 216 may leverage theinformation that is provided by the sender, including the sender's name,email address, physical mailing address, etc. The sender may be asked togenerate a password to access his or her profile and/or a password maybe generated for the sender. The sender may use his or her profile tosubsequently log into the system and request a privacy mail identifierfor each piece of postal mail that should be treated as private. Once auser profile is generated (and the sender's privacy status is verified),the verification process does not need to be repeated to obtainsubsequent privacy identifiers. Instead, verification may be performedperiodically, such as, quarterly, annually, semi-annually, after adesignated number of privacy identifier requests, etc. as would beapparent to a person of ordinary skill in the art.

Now referring to the sender verification engine 202, which verifies thesender's privacy status (i.e. the sender's theoretical ability to sendprivate postal mail). In one embodiment, the sender verification engine202 may be comprised of a query system 224, an agency interface 226, anda relationship analyzer 228. The query system 224 queries various otherpublic and/or private databases to verify the sender's ability to sendprivate postal mail. In the example above, the query system 224 mayquery a state bar database to determine whether the sender is an activestatus attorney in a state who is able to send private postal mail. Inother instances, the query system 224 may query a database of authorizedmedical providers to determine if the sender is permitted to sendprivate postal mail. In one embodiment, the query system 224 may queryother databases such as the department of motor vehicles to verify theaddress provided by the sender. This additional querying step may beused to, for instance, determine that the sender is not pretending to bean individual who is permitted to send private postal mail. In theseinstances, the data request module 212 may request additionalinformation that is likely to be known only to the sender and verifiablefrom public and/or private databases. In one embodiment, the querysystem 224 may verify or query sender verification data to verify thesender's theoretical ability to send private postal mail.

The agency interface 226 interfaces with verification agencies 102 toobtain privacy status of a sender (i.e. the sender's theoretical abilityto send private postal mail). As described above, verification agencies102 may, separately and/or in conjunction with the privacy verificationsystem 101, determine whether a sender is permitted to send privatepostal mail. The verification agencies 102 may query public and orprivate databases and/or may employ human reviewers to verify thesender's privacy status. The agency interface 226 may receive theresults of the analysis performed by the verification agencies 102 andstore the results in the sender database 214. In one embodiment, agencyinterface 226 may verify sender verification data to verify the sender'stheoretical ability to send private postal mail.

The relationship analyzer 228 may perform additional analysis todetermine if the sender is permitted to send private postal mail to aninmate recipient at a correctional facility. In one embodiment, therelationship analyzer 228 may require the sender to furnish a signedengagement agreement, such as in the example from above regardingattorney-client privilege. In other instances, the relationship analyzer228 may obtain public data indicating that the sender and the recipientmay initiate private communication, by, for example, obtaining and/oranalyzing press release documents, court filing documents, etc.

The privacy status indication generator 204 generates identifiers thatcan be associated with private postal mail that a sender would like tosend to an inmate at a correctional facility. In one embodiment, theidentifiers may be unique and/or randomly generated. A variety ofdifferent identifiers may be generated, including, but not limited tonumbers, alpha-numeric codes, QR codes, bar codes, pictures, or otheridentifiers as would be apparent to someone skilled in the art. Theidentifiers may be affixed and/or represented on postal mail to help thefacility mail system 108 in identifying private postal mail that shouldbe processed specially (i.e., for example, not be opened and/ordigitized without the inmate's permission).

The privacy verification system 101 may communicate with the facilitymail system 108 of the incarceration facility to inform the facilitythat it will be receiving private postal mail labeled with a uniqueidentifier. For example, when a sender uses the privacy verificationsystem to obtain an identifier from the privacy status indicationgenerator 204, this may serve as an indicator to have the privacyverification system 101 notify the incarceration facility, in particularthe facility mail system 108, that private postal mail is beingprepared, and likely to arrive soon. This may help incarcerationfacility personnel to know approximately when private postal mail islikely to arrive and what is contained in the mail (e.g. privatecommunication or other information as would be apparent to one skilledin the art).

The privacy verification system 101 may also communicate with thefacility mail system 108 to validate that the target recipient isactive, in-custody and eligible to receive private postal mail. Thisvalidation may rely on the use of a recipient inmate identifier. In oneembodiment, the recipient inmate information may be received from

The fraud detection system 306 and contraband activity detection system308 may, respectively, perform additional processing to help determinewhether a sender may be disguising non-private postal mail as privatepostal mail, and/or identify the likelihood that the mail may be used tofurther undesirable behavior such as committing a crime or incitingviolence, or to pass an illegal substance. The fraud detection system306 and contraband activity detection system 308 are described in moredetail in reference to FIG. 9 below and that discussion is incorporatedby reference herein. In one embodiment, the fraud detection system 306and contraband activity detection system 308 may initiate analysis whenthe mail facility system 108 scans and/or receives private postal mailwith an identifier generated by the privacy verification system 101. Inone instance, for example, when an identifier is scanned at the mailfacility system 108 the system may provide the identifier informationalong with related data such as sender and recipient information, dateand time receipt, etc. The fraud detection system 306 and contrabandactivity detection system 308 may perform additional analysis, inaccordance with the description below, based on the providedinformation. As would be apparent from this discussion, the frauddetection system 306 and/or the contraband activity detection system 308may be implemented in the privacy verification system 101 and/or thefacility mail system 108.

FIG. 9 illustrates an exemplary embodiment of the facility mail system108, which enables a correctional facility to read the unique identifierattached to a mail or package coming into the correctional facility andverify that the mail or package meets the incarceration facility'srequirements for private postal mail. The facility mail system 108 maybe comprised of a privacy status identifier reader 301, maildigitization system 302, contraband activity detection system 308, frauddetection system 306 and delivery log 310.

The privacy status identifier reader 301 identifies privacy statusidentifiers that may be associated with private postal mail. Forexample, in one embodiment, the privacy status identifier reader 301 mayuse machine vision or image processing analysis to identify labels of apre-determined color, shape, and/or size, which may indicate that aprivacy status identifier is attached. In other embodiments, the privacystatus identifier reader 301 obtains additional data associated withprivacy status identifier. For example, the privacy status identifierreader 301 may capture, interpret, and retrieve data associated with,for example, a bar code, a QR code, etc. In one embodiment, the privacystatus identifier reader 301 may obtain privacy status identifier data,which may include, for example, a date that the privacy statusidentifier was generated, a date that the request to send private postalmail was received, and sender identity. In one exemplary embodiment ahuman may review incoming postal mail to determine whether it contains aprivacy status identifier, and may provide the relevant information tothe privacy status identifier reader 301.

The mail digitization system 302 serves to scan received mail into anelectronic or digital form to be relayed to an inmate. In the case ofthe privacy status identifier reader 301 detecting an identifierindicative of private postal mail, this can prevent the private postalmail from being digitized by the mail digitization system 302 so thatthe mail can be appropriately processed for delivery to the inmateunopened with privacy intact. If a privacy status identifier isassociated with a private postal mail, the mail digitization system 302may digitize the envelope or the exterior portion of the private postalmail. The information on the envelope may be further processed, via anoptical image recognition system or a computer vision system, toidentify sender information, recipient information. This information isherein also referred to as facility data. In one embodiment, facilitydata may also be comprised of receipt date indicating a date or timewhen the private postal mail may be received at a facility. In oneembodiment, the mail receipt date may be obtained as metadata from theprivacy status identifier reader 301.

The fraud detection system 306 performs fraud detection analysis basedon the obtained facility and at least one of sender verification data,secondary sender data and privacy status identifier data. In oneembodiment, the fraud detection system 306 may trigger a fraud alert ifat least one of the obtained facility data and at least of the obtainedsender data does not match. For example, the fraud detection system 306triggers a fraud alert if sender information in the facility data andsender information in at least one of the sender verification data andthe sender information in the secondary sender data does not match. Inanother example, the fraud detection system 306 triggers a fraud alertif recipient information in the facility data and intended recipientinformation in the secondary sender data does not match. Similarly, thefraud detection system 306 triggers a fraud alert if a receipt dateassociated with the facility data and the request data associated withthe secondary sender data do not meet a threshold. In other words, insome embodiments, the fraud detection system 306 examines theinformation from the privacy status identifier and other aspects of theprivate postal mail to see if it contains questionable information aboutthe private postal mail that should alert prison or jail personnel. Suchinformation includes wrong addresses, wrong name, suspicious sender nameand address, and others. Other issues that the fraud detection system306 may detect include missing information or wrong combinations of suchinformation. In one embodiment, the fraud detection system 306 mayidentify wrong information by comparing the data comprised in, forexample, the envelope of the private postal mail that has a privacystatus indicator and comparing it against privacy status identifier datathat may have been generated when the privacy status identifier may havebeen generated (and may contain sender data and/or secondary senderdata) by accessing the privacy status identifier data via the privacystatus identifier reader 301.

In one embodiment of the inventive system, a contraband activitydetection system 308 performs contraband activity detection analysisbased on facility data associated with two or more received privatepostal mails with the generated privacy status identifier. In oneembodiment, the contraband activity detection system 308 may trigger acontraband alert if two or more private postal mails received by themail processing facility have the same unique privacy status identifier.In one embodiment, the contraband activity detection system 308 maytrigger a contraband alert if one sender is associated with severalprivate postal mailings to multiple inmates at a correctional facility,wherein the private postal mailings are received by a mail processingfacility within a threshold timeframe. In one embodiment, the contrabandactivity detection system 308 performs contraband activity detectionanalysis based on data associated with two or more received privatepostal mails with different generated privacy status identifiers. Thefraud detection system 308 identifies an overall trend of past eventsfrom analyzing past private postal mail information to see if there arepatterns to describe likelihood of crime, malfeasance, or otherinsidious activity. The contraband activity detection system 308 tracksand stores information from current and past private postal mail such asthe PIN, QR code, address information, etc. and analyzes trends throughMachine Learning or other algorithms as would be apparent to someoneskilled in the art to alert law enforcement or prison officials toabnormal events. For example, the contraband activity detection system308 may analyze data from current and past private postal mailings todetect whether one sender is associated with several private postalmailings to one or multiple inmates at a correctional facility within apredetermined threshold timeframe and trigger an alert if the number ofmailings in a given timeframe appears unusual or suspicious or exceeds apredetermined value. In addition, the contraband detection system mayserve to ensure that contraband such as photographs, pornography,illegal drugs or substances, something that could be used as a weapon,or something that could be used to otherwise harm another person, is notbeing delivered to the inmate by for example, identifying suspiciouspatterns in postal mail that is marked as having a privacy statusidentifier.

The delivery log 310 enables the facility mail system 108 to maintainrecords of private postal mail labeled with identifiers created by thissystem. The delivery log 310 may be digital, and information maintainedby the delivery log 310 may be used for further analysis by the frauddetection system 306.

FIG. 10 illustrates an exemplary computer implemented process, ormethod, for tracking private postal mail in a correctional facility.

The process may begin with receiving a request from a sender to sendprivate postal mail at step 450. The request may be initiated from acomputing device that is associated with the sender as described inreference to FIG. 7. At step 451, the system determines if the senderhas an existing user profile. If it is determined at step 451 that theuser does not have a user profile, the user may be asked if they wouldlike to create a new user profile. When a user opts to create a new userprofile, the process proceeds to receiving a new user profile requestfrom a sender at 402. In one exemplary embodiment of this step in theprocess, the profile request may be received from the sender's userdevice and may include very general information (e.g., name, date ofbirth, email address).

After a profile request from a sender 402 is received, a request is sentto the sender asking for more detailed sender verification data 404. Thesender verification data may include the sender provided data such asthe sender's Bar Card Number, Medical License Number, Driver's LicenseNumber, Social Security Number, address, or other data that can validatethe sender's theoretical ability to send private postal mail such asprivileged postal mail or mail that should not be opened or reviewed bythe mail processing facility that is associated with the correctionalfacility. The sender verification data may be received from the sender'scomputer, mobile phone, an app, or other user device or mechanism forsending information.

The process then attempts to verify the sender verification data 406 bycomparing the sender verification data with other data, including, butnot limited to data found in agencies and/or in the publicly maintaineddatabased and/or private databases. Some public agencies such as theDepartment of Motor Vehicles, the Social Security Administration, andState Bar Associations may have information about various persons. Atstep 406 agency data may be retrieved and compared to senderverification data for possible matches. The verification data may besaved in a database or other repository within the system for accessingat a later time. If the sender data is verified, then the process willgenerate a user profile 408 for the sender and proceed to step 456described below directly to step 458, which is not specificallyillustrated in FIG. 10 for ease of review. However, in some instances,additional secondary data may be obtained 456 and, in other instances,privacy status identifier 458 may be generated after the user profile isgenerated 408.

Returning to step 451, if it is determined that the sender has anexisting user profile, the process proceeds to step 454 to verify theuser profile is valid. The verification at 454 may obtain senderprovided data in the user profile and verify the data as in step 406above by comparing the existing verification data with data found invarious agencies in order to ensure the user is still a valid user andauthorized to send private postal mail.

If the sender's profile is verified 454, the process then proceeds toobtain secondary sender data 456. Secondary sender data may be comprisedof a variety of different information that may be associated with thesender, the intended recipient, the request to send private postal,and/or information associated with the sender's computing device. In oneembodiment, secondary sender data may be comprised of intended recipientinformation, which may be obtained from the sender and/or from thesender's request to send private postal mail 450. In other instances,the secondary sender data may be comprised of the intended recipientinmate's name, address, inmate ID, or other information associated withthe inmate as would be apparent to one skilled in the art. In otherembodiments, secondary sender data may be comprised of senderinformation and/or information about the date and/or time that therequest to send private postal mail 450 was initiated. In other or sameembodiments, secondary sender data may be comprised of informationassociated with the sender's computing device, such as the computingdevice's identifier, such as a Unique Device Identification Code, IPaddress, MAC address, and/or other data that may be used to identify thecomputing device's geo-location. In one embodiment, the secondary senderdata step 456 may be bypassed or may be optional and the process maycontinue to generate a privacy status identifier 458 if the user profileis verified 454.

At step 458 the process may generate a privacy status identifier. In oneembodiment, the privacy status identifier may be affixed to a privatepostal mail to indicate that a postal mail that is send to an inmate asa correction facility is a private postal mail that should not be readand/or otherwise digitized in a manner such that the content of mail maybe read by someone other than the intended recipient. The term affixedis used generally here and may refer printing the privacy statusidentifier on postal mail that should be treated as private postal mail.In some embodiments, each privacy status identifier may be unique and/ormay be randomly generated. As would be understood by a person ofordinary skill in the art, a unique privacy status identifier may beused for further downstream analysis as described in greater detail inthis document. A privacy status identifier may by embodied in a varietyof different ways, including, but not limited to a number, PIN, QR Code,picture, other scannable or readable label or the like, or some othermethod for identification that would be understood by someone skilled inthe art. Additionally, the secondary sender data and the privacy statusidentifier may be saved in the system's database or other repository forfuture access. In one embodiment, the process may terminate after aprivacy status identifier is generated 458.

Postal mail, including private postal mail, may be processed at a mailprocessing facility associated with a corrections facility. The mailprocessing facility may or may not be located at the same location asthe correctional facility. In one embodiment, the mail processingfacility may send facility data when a postal mail or private postalmail with a privacy status identifier is processed. In other words,facility data may be obtained 460 when postal mail or private postalmail with a privacy status identifier is processed at a correctionsfacility and/or a mail processing facility associated with a correctionsfacility. In one instance, the presence of privacy status identifier mayindicate that the associated mail should be handled differently thannon-private postal mail in order to maintain privacy. For example, themail processing facility or the correctional facility may automaticallyreject digitization efforts on private postal mail or postal mail thatis marked as private by a privacy status identifier.

In one embodiment, the facility data may comprise a variety ofinformation that may be obtained from the private postal mail and/or theprivacy status identifier. In one embodiment, facility information maybe comprised sender information (i.e. the name of the sender aspresented in the private postal mail envelope, for example), recipientinformation (i.e. name of the recipient provided on the private postalmail envelope, for example), date of receipt data (i.e. the date thatthe private postal mail was sent and/or processed at the facility, forexample). In other or same embodiments, facility data may includeprivacy status identifier information including, for example, a uniqueidentifier that may be associated with the privacy status identifier.Facility data may also include other data that may be associated withthe privacy status identifier, which may be obtained from accessingappropriate databases, such as sender verification data, etc.

Sender verification data, secondary sender data, and/or facility datamay be used to perform fraud detection analysis 462 and/or contrabandactivity detection 464. These steps of fraud detection and contrabandactivity detection are performed as described above with respect to FIG.8 and FIG. 9. Briefly, fraud detection analysis 462 may be based on theobtained facility data and the obtained secondary sender data. A fraudalert may be triggered if the obtained facility data and at least of theobtained sender data does not match. In one embodiment, the fraud alertmay be generated if sender information in the facility data and senderinformation in at least one of the sender verification data and thesender information in the secondary sender data does not match. In oneembodiment, a fraud alert may be triggered if recipient information inthe facility data and intended recipient information in the secondarysender data does not match. In one embodiment, a fraud alert may betriggered if a receipt date associated with the facility data and therequest data associated with the secondary sender data do not meet athreshold. A threshold, as used herein, may refer to the amount of timethat has transpired between the request date and the receipt date. Alarge difference (i.e. beyond a threshold) in the two dates may indicatethat that fraud may be likely.

Contraband analysis 464 may be performed based on facility dataassociated with two or more received private postal mails with thegenerated privacy status identifier. In one embodiment, the contrabandactivity detection step 464 may trigger an alert if two or more privatepostal mails received by the mail processing facility have the sameunique privacy status identifier. In one embodiment, the contrabandanalysis 464 may be performed by analyzing data associated with two ormore received private postal mails with different generated privacystatus identifiers. For example, contraband activity detection 464 maytriggers an alert if one sender is associated with several privatepostal mailings to multiple inmates at a correctional facility, whereinthe private postal mailings are received by a mail processing facilitywithin a threshold timeframe.

While the above is described in reference to private postal mail whichis one embodiment of the invention, the invention, in one embodiment,also encompasses digital communications, such as email and the like. Inthese embodiments, the privacy status identifier could be applied forand generated in accordance to the description above for digitalcommunication and a digital privacy status identifier may be associatedwith the relevant private digital messages. Fraud and contrabandanalysis may be performed on digital privacy status identifiers in muchthe same way as described herein.

Generally, the techniques disclosed herein may be implemented onhardware or a combination of software and hardware. For example, theymay be implemented in an operating system kernel, in a separate userprocess, in a library package bound into network applications, on aspecially constructed machine, on an application-specific integratedcircuit (ASIC), or on a network interface card.

Software/hardware hybrid implementations of at least some of theembodiments disclosed herein may be implemented on a programmablenetwork-resident machine (which should be understood to includeintermittently connected network-aware machines) selectively activatedor reconfigured by a computer program stored in memory. Such networkdevices may have multiple network interfaces that may be configured ordesigned to utilize different types of network communication protocols.A general architecture for some of these machines may be describedherein in order to illustrate one or more exemplary means by which agiven unit of functionality may be implemented. According to specificembodiments, at least some of the features or functionalities of thevarious embodiments disclosed herein may be implemented on one or moregeneral-purpose computers associated with one or more networks, such asfor example an end-user computer system, a user computer, a networkserver or other server system, a mobile computing device (e.g., tabletcomputing device, mobile phone, smartphone, laptop, or other appropriatecomputing device), a consumer electronic device, a music player, or anyother suitable electronic device, router, switch, or other suitabledevice, or any combination thereof. In at least some embodiments, atleast some of the features or functionalities of the various embodimentsdisclosed herein may be implemented in one or more virtualized computingenvironments (e.g., network computing clouds, virtual machines hosted onone or more physical computing machines, or other appropriate virtualenvironments).

Referring now to FIG. 11, there is shown a block diagram depicting anexemplary computing device 10 suitable for implementing at least aportion of the features or functionalities disclosed herein. Computingdevice 10 may be, for example, any one of the computing machines listedin the previous paragraph, or indeed any other electronic device capableof executing software- or hardware-based instructions according to oneor more programs stored in memory. Computing device 10 may be configuredto communicate with a plurality of other computing devices, such asclients/users or servers, over communications networks such as a widearea network a metropolitan area network, a local area network, awireless network, the Internet, or any other network, using knownprotocols for such communication, whether wireless or wired.

In one aspect, computing device 10 includes one or more centralprocessing units (CPU) 12, one or more interfaces 15, and one or morebusses 14 (such as a peripheral component interconnect (PCI) bus). Whenacting under the control of appropriate software or firmware, CPU 12 maybe responsible for implementing specific functions associated with thefunctions of a specifically configured computing device or machine. Forexample, in at least one aspect, a computing device 10 may be configuredor designed to function as a server system utilizing CPU 12, localmemory 11 and/or remote memory 16, and interface(s) 15. In at least oneaspect, CPU 12 may be caused to perform one or more of the differenttypes of functions and/or operations under the control of softwaremodules or components, which for example, may include an operatingsystem and any appropriate applications software, drivers, and the like.

CPU 12 may include one or more processors 13 such as, for example, aprocessor from one of the Intel, ARM, Qualcomm, and AMD families ofmicroprocessors. In some embodiments, processors 13 may includespecially designed hardware such as application-specific integratedcircuits (ASICs), electrically erasable programmable read-only memories(EEPROMs), field-programmable gate arrays (FPGAs), and so forth, forcontrolling operations of computing device 10. In a particular aspect, alocal memory 11 (such as non-volatile random-access memory (RAM) and/orread-only memory (ROM), including for example one or more levels ofcached memory) may also form part of CPU 12. However, there are manydifferent ways in which memory may be coupled to system 10. Memory 11may be used for a variety of purposes such as, for example, cachingand/or storing data, programming instructions, and the like. It shouldbe further appreciated that CPU 12 may be one of a variety ofsystem-on-a-chip (SOC) type hardware that may include additionalhardware such as memory or graphics processing chips, such as a QUALCOMMSNAPDRAGON™ or SAMSUNG EXYNOS™ CPU as are becoming increasingly commonin the art, such as for use in mobile devices or integrated devices.

As used herein, the term “processor” is not limited merely to thoseintegrated circuits referred to in the art as a processor, a mobileprocessor, or a microprocessor, but broadly refers to a microcontroller,a microcomputer, a programmable logic controller, anapplication-specific integrated circuit, and any other programmablecircuit.

In one aspect, interfaces 15 are provided as network interface cards(NICs). Generally, NICs control the sending and receiving of datapackets over a computer network; other types of interfaces 15 may forexample support other peripherals used with computing device 10. Amongthe interfaces that may be provided are Ethernet interfaces, frame relayinterfaces, cable interfaces, DSL interfaces, token ring interfaces,graphics interfaces, and the like. In addition, various types ofinterfaces may be provided such as, for example, universal serial bus(USB), Serial, Ethernet, FIREWIRE™, THUNDERBOLT™, PCI, parallel, radiofrequency (RF), BLUETOOTH™, near-field communications (e.g., usingnear-field magnetics), 802.11 (WiFi), frame relay, TCP/IP, ISDN, fastEthernet interfaces, Gigabit Ethernet interfaces, Serial ATA (SATA) orexternal SATA (ESATA) interfaces, high-definition multimedia interface(HDMI), digital visual interface (DVI), analog or digital audiointerfaces, asynchronous transfer mode (ATM) interfaces, high-speedserial interface (HSSI) interfaces, Point of Sale (POS) interfaces,fiber data distributed interfaces (FDDIs), and the like. Generally, suchinterfaces 15 may include physical ports appropriate for communicationwith appropriate media. In some cases, they may also include anindependent processor (such as a dedicated audio or video processor, asis common in the art for high-fidelity A/V hardware interfaces) and, insome instances, volatile and/or non-volatile memory (e.g., RAM).

Although the system shown in FIG. 11 illustrates one specificarchitecture for a computing device 10 for implementing one or more ofthe embodiments described herein, it is by no means the only devicearchitecture on which at least a portion of the features and techniquesdescribed herein may be implemented. For example, architectures havingone or any number of processors 13 may be used, and such processors 13may be present in a single device or distributed among any number ofdevices. In one aspect, single processor 13 handles communications aswell as routing computations, while in other embodiments a separatededicated communications processor may be provided. In variousembodiments, different types of features or functionalities may beimplemented in a system according to the aspect that includes a userdevice (such as a tablet device or smartphone running user software) andserver systems (such as a server system described in more detail below).

Regardless of network device configuration, the system of an aspect mayemploy one or more memories or memory modules (such as, for example,remote memory block 16 and local memory 11) configured to store data,program instructions for the general-purpose network operations, orother information relating to the functionality of the embodimentsdescribed herein (or any combinations of the above). Programinstructions may control execution of or comprise an operating systemand/or one or more applications, for example. Memory 16 or memories 11,16 may also be configured to store data structures, configuration data,encryption data, historical system operations information, or any otherspecific or generic non-program information described herein.

Because such information and program instructions may be employed toimplement one or more systems or methods described herein, at least somenetwork device embodiments may include nontransitory machine-readablestorage media, which, for example, may be configured or designed tostore program instructions, state information, and the like forperforming various operations described herein. Examples of suchnontransitory machine-readable storage media include, but are notlimited to, magnetic media such as hard disks, floppy disks, andmagnetic tape; optical media such as CD-ROM disks; magneto-optical mediasuch as optical disks, and hardware devices that are speciallyconfigured to store and perform program instructions, such as read-onlymemory devices (ROM), flash memory (as is common in mobile devices andintegrated systems), solid state drives (SSD) and “hybrid SSD” storagedrives that may combine physical components of solid state and hard diskdrives in a single hardware device (as are becoming increasingly commonin the art with regard to personal computers), memristor memory, randomaccess memory (RAM), and the like. It should be appreciated that suchstorage means may be integral and non-removable (such as RAM hardwaremodules that may be soldered onto a motherboard or otherwise integratedinto an electronic device), or they may be removable such as swappableflash memory modules (such as “thumb drives” or other removable mediadesigned for rapidly exchanging physical storage devices),“hot-swappable” hard disk drives or solid state drives, removableoptical storage discs, or other such removable media, and that suchintegral and removable storage media may be utilized interchangeably.Examples of program instructions include both object code, such as maybe produced by a compiler, machine code, such as may be produced by anassembler or a linker, byte code, such as may be generated by forexample a JAVA™ compiler and may be executed using a Java virtualmachine or equivalent, or files containing higher level code that may beexecuted by the computer using an interpreter (for example, scriptswritten in Python, Perl, Ruby, Groovy, or any other scripting language).

In some embodiments, systems may be implemented on a standalonecomputing system. Referring now to FIG. 12, there is shown a blockdiagram depicting a typical exemplary architecture of one or moreembodiments or components thereof on a standalone computing system.Computing device 20 includes processors 21 that may run software thatcarry out one or more functions or applications of embodiments, such asfor example a client application 24. Processors 21 may carry outcomputing instructions under control of an operating system 22 such as,for example, a version of MICROSOFT WINDOWS™ operating system, APPLEmacOS™ or iOS™ operating systems, some variety of the Linux operatingsystem, ANDROID™ operating system, or the like. In many cases, one ormore shared services 23 may be operable in system 20, and may be usefulfor providing common services to client applications 24. Services 23 mayfor example be WINDOWS™ services, user-space common services in a Linuxenvironment, or any other type of common service architecture used withoperating system 21. Input devices 28 may be of any type suitable forreceiving user input, including for example a keyboard, touchscreen,microphone (for example, for voice input), mouse, touchpad, trackball,or any combination thereof. Output devices 27 may be of any typesuitable for providing output to one or more users, whether remote orlocal to system 20, and may include for example one or more screens forvisual output, speakers, printers, or any combination thereof. Memory 25may be random-access memory having any structure and architecture knownin the art, for use by processors 21, for example to run software.Storage devices 26 may be any magnetic, optical, mechanical, memristor,or electrical storage device for storage of data in digital form (suchas those described above, referring to FIG. 5). Examples of storagedevices 26 include flash memory, magnetic hard drive, CD-ROM, and/or thelike.

In some embodiments, systems may be implemented on a distributedcomputing network, such as one having any number of clients/users and/orservers. Referring now to FIG. 13, there is shown a block diagramdepicting an exemplary architecture 30 for implementing at least aportion of a system according to one aspect on a distributed computingnetwork. According to the aspect, any number of clients 33 may beprovided. Each client 33 may run software for implementing client-sideportions of a system; clients may comprise a system 20 such as thatillustrated in FIG. 12. In addition, any number of servers 32 may beprovided for handling requests received from one or more clients 33.Clients 33 and servers 32 may communicate with one another via one ormore electronic networks 31, which may be in various embodiments any ofthe Internet, a wide area network, a mobile telephony network (such asCDMA or GSM cellular networks), a wireless network (such as WiFi, WiMAX,LTE, and so forth), or a local area network (or indeed any networktopology known in the art; the aspect does not prefer any one networktopology over any other). Networks 31 may be implemented using any knownnetwork protocols, including for example wired and/or wirelessprotocols.

In addition, in some embodiments, servers 32 may call external services37 when needed to obtain additional information, or to refer toadditional data concerning a particular call. Communications withexternal services 37 may take place, for example, via one or morenetworks 31. In various embodiments, external services 37 may compriseweb-enabled services or functionality related to or installed on thehardware device itself. For example, in one aspect where clientapplications 24 are implemented on a smartphone or other electronicdevice, client applications 24 may obtain information stored in a serversystem 32 in the cloud or on an external service 37 deployed on one ormore of a particular enterprise's or user's premises.

In some embodiments, clients 33 or servers 32 (or both) may make use ofone or more specialized services or appliances that may be deployedlocally or remotely across one or more networks 31. For example, one ormore databases 34 may be used or referred to by one or more embodiments.It should be understood by one having ordinary skill in the art thatdatabases 34 may be arranged in a wide variety of architectures andusing a wide variety of data access and manipulation means. For example,in various embodiments one or more databases 34 may comprise arelational database system using a structured query language (SQL),while others may comprise an alternative data storage technology such asthose referred to in the art as “NoSQL” (for example, HADOOP CASSANDRA™,GOOGLE BIGTABLE™, and so forth). In some embodiments, variant databasearchitectures such as column-oriented databases, in-memory databases,clustered databases, distributed databases, or even flat file datarepositories may be used according to the aspect. It will be appreciatedby one having ordinary skill in the art that any combination of known orfuture database technologies may be used as appropriate, unless aspecific database technology or a specific arrangement of components isspecified for a particular aspect described herein. Moreover, it shouldbe appreciated that the term “database” as used herein may refer to aphysical database machine, a cluster of machines acting as a singledatabase system, or a logical database within an overall databasemanagement system. Unless a specific meaning is specified for a givenuse of the term “database”, it should be construed to mean any of thesesenses of the word, all of which are understood as a plain meaning ofthe term “database” by those having ordinary skill in the art.

Similarly, some embodiments may make use of one or more security systems36 and configuration systems 35. Security and configuration managementare common information technology (IT) and web functions, and someamount of each are generally associated with any IT or web systems. Itshould be understood by one having ordinary skill in the art that anyconfiguration or security subsystems known in the art now or in thefuture may be used in conjunction with embodiments without limitation,unless a specific security 36 or configuration system 35 or approach isspecifically required by the description of any specific aspect.

FIG. 14 shows an exemplary overview of a computer system 40 as may beused in any of the various locations throughout the system. It isexemplary of any computer that may execute code to process data. Variousmodifications and changes may be made to computer system 40 withoutdeparting from the broader scope of the system and method disclosedherein. Central processor unit (CPU) 41 is connected to bus 42, to whichbus is also connected memory 43, nonvolatile memory 44, display 47,input/output (I/O) unit 48, and network interface card (NIC) 53. I/Ounit 48 may, typically, be connected to keyboard 49, pointing device 50,hard disk 52, and real-time clock 51. NIC 53 connects to network 54,which may be the Internet or a local network, which local network may ormay not have connections to the Internet. Also shown as part of system40 is power supply unit 45 connected, in this example, to a mainalternating current (AC) supply 46. Not shown are batteries that couldbe present, and many other devices and modifications that are well knownbut are not applicable to the specific novel functions of the currentsystem and method disclosed herein. It should be appreciated that someor all components illustrated may be combined, such as in variousintegrated applications, for example Qualcomm or Samsungsystem-on-a-chip (SOC) devices, or whenever it may be appropriate tocombine multiple capabilities or functions into a single hardware device(for instance, in mobile devices such as smartphones, video gameconsoles, in-vehicle computer systems such as navigation or multimediasystems in automobiles, or other integrated hardware devices).

In various embodiments, functionality for implementing systems ormethods of various embodiments may be distributed among any number ofclient/user and/or server components. For example, various softwaremodules may be implemented for performing various functions inconnection with the system of any particular aspect, and such modulesmay be variously implemented to run on server and/or client/usercomponents.

The skilled person will be aware of a range of possible modifications ofthe various embodiments described above. Accordingly, the presentinvention is defined by the claims and their equivalents.

As used herein any reference to “one embodiment” or “an embodiment”means that a particular element, feature, structure, or characteristicdescribed in connection with the embodiment is included in at least oneembodiment. The appearances of the phrase “in one embodiment” in variousplaces in the specification are not necessarily all referring to thesame embodiment.

Some embodiments may be described using the expression “coupled” and“connected” along with their derivatives. For example, some embodimentsmay be described using the term “coupled” to indicate that two or moreelements are in direct physical or electrical contact. The term“coupled,” however, may also mean that two or more elements are not indirect contact with each other, but yet still co-operate or interactwith each other. The embodiments are not limited in this context.

As used herein, the terms “comprises,” “comprising,” “includes,”“including,” “has,” “having” or any other variation thereof, areintended to cover a non-exclusive inclusion. For example, a process,method, article, or apparatus that comprises a list of elements is notnecessarily limited to only those elements but may include otherelements not expressly listed or inherent to such process, method,article, or apparatus. Further, unless expressly stated to the contrary,“or” refers to an inclusive or and not to an exclusive or. For example,a condition A or B is satisfied by any one of the following: A is true(or present) and B is false (or not present), A is false (or notpresent) and B is true (or present), and both A and B are true (orpresent).

In addition, use of the “a” or “an” are employed to describe elementsand components of the embodiments herein. This is done merely forconvenience and to give a general sense of the invention. Thisdescription should be read to include one or at least one and thesingular also includes the plural unless it is obvious that it is meantotherwise.

Upon reading this disclosure, those of skill in the art will appreciatestill additional alternative structural and functional designs for asystem and a process for creating an interactive message through thedisclosed principles herein. Thus, while particular embodiments andapplications have been illustrated and described, it is to be understoodthat the disclosed embodiments are not limited to the preciseconstruction and components disclosed herein. Various apparentmodifications, changes and variations may be made in the arrangement,operation and details of the method and apparatus disclosed hereinwithout departing from the spirit and scope defined in the appendedclaims.

What is claimed is:
 1. A computer program product for processingrequests to send private postal mail to an inmate who is incarcerated ata correctional facility, the computer program product comprising anon-transitory computer readable storage medium having instructionsencoded thereon that, when executed by a processor, cause the processorto: obtain a request from a sender to send private postal mail; obtainsender verification data; verify a privacy status of the sender, whereinthe privacy status is comprised of a theoretical ability to send privatepostal mail to anyone, and wherein the verification is comprised ofverifying the sender verification data with data available in one ormore databases; generate a privacy status identifier if the privacystatus of the sender is verified, wherein the privacy status identifiermay be affixed to a private postal mail to indicate that a postal mailthat is sent to an inmate it private; and obtain privacy statusidentifier data comprising at least one of a date that the privacystatus identifier was generated, a date that the request to send privatepostal mail was received, and sender identity.
 2. The computer programproduct of claim 1 further comprising instructions that, when executedby a processor, cause the processor to obtain, from a mail processingfacility, an indication of receipt of postal mail with the generatedprivacy status identifier, wherein the mail processing facilityprocesses incoming postal mail that is sent to inmates who areincarcerated in a correctional facility.
 3. The computer program productof claim 2 further comprising instructions that, when executed by aprocessor, cause the processor to: obtain secondary sender data from therequest to send private postal mail, the secondary sender datacomprising intended recipient information and metadata informationassociated with the request to send private postal mail; and obtainfacility data from the mail processing facility, the facility datacomprising sender, recipient, and date of receipt data associated withreceived postal mail with the generated privacy status identifier; 4.The computer program product of claim 3 further comprising instructionsthat, when executed by a processor, cause the processor to perform frauddetection analysis based on the obtained facility and at least one ofsender verification data, secondary sender data and privacy statusidentifier data.
 5. The computer program product of claim 3 furthercomprising instructions that, when executed by a processor, cause theprocessor to perform contraband activity detection analysis based onfacility data associated with two or more received private postal mailswith the generated privacy status identifier.
 6. The computer programproduct of claim 3 further comprising instructions that, when executedby a processor, cause the processor to perform contraband activitydetection analysis based on facility data associated with two or morereceived private postal mails with different privacy status identifiers.7. A computer-implemented method for identifying, verifying, andprocessing private postal mail that is sent to an inmate who isincarcerated in a correctional facility, the computer-implemented methodcomprising: obtaining a request from a sender to send private postalmail; obtaining sender verification data; verifying a privacy status ofthe sender, wherein the privacy status is comprised of a theoreticalability to send private postal mail to anyone, and wherein theverification is comprised of verifying the sender provided data withdata available in one or more databases; and generating a privacy statusidentifier if the privacy status of the sender is verified, wherein theprivacy status identifier may be affixed to a private postal mail toindicate that a postal mail that is sent to an inmate it private
 8. Thecomputer-implemented method of claim 7, further comprising obtainingsecondary sender data that is comprised of intended recipientinformation from the sender.
 9. The computer-implemented method of claim7, further comprising obtaining secondary sender data that is comprisedof metadata information from the obtained request from a sender to sendprivate postal mail.
 10. The computer-implemented method of claim 7,further comprising obtaining an indication of receipt of private postalmail with the generated privacy status identifier from a mail processingfacility, wherein the mail processing facility processes incoming postalmail that is sent to inmates who are incarcerated in a correctionalfacility.
 11. The computer-implemented method of claim 10, furthercomprising obtaining facility data, which is comprised of at least oneof sender, recipient, and date of receipt data associated with receivedprivate postal mail with the generated privacy status identifier,wherein the sender, recipient, and date of receipt data are obtainedfrom a mail processing facility that processes incoming postal mail thatis sent to inmates who are incarcerated in a correctional facility. 12.The computer-implemented method of claim 11, further comprising:performing fraud detection analysis based on the obtained facility dataand the obtained secondary sender data; and triggering a fraud alert ifat least one of the obtained facility data and at least of the obtainedsender data does not match.
 13. The computer-implement method of claim12, wherein the fraud detection analysis triggers a fraud alert ifsender information in the facility data and sender information in atleast one of the sender verification data and the sender information inthe secondary sender data does not match.
 14. The computer-implementmethod of claim 12, wherein the fraud detection analysis triggers afraud alert if recipient information in the facility data and intendedrecipient information in the secondary sender data does not match. 15.The computer-implement method of claim 12, wherein the fraud detectionanalysis triggers a fraud alert if a receipt date associated with thefacility data and the request data associated with the secondary senderdata do not meet a threshold.
 16. The computer-implemented method ofclaim 11, further comprising performing contraband activity detectionanalysis based on facility data associated with two or more receivedprivate postal mails with the generated privacy status identifier. 17.The computer-implemented method of claim 16, wherein the contrabandactivity detection analysis triggers an alert if two or more privatepostal mails received by the mail processing facility have the sameunique privacy status identifier.
 18. The computer-implemented method ofclaim 16, further comprising performing contraband activity detectionanalysis based on data associated with two or more received privatepostal mails with different generated privacy status identifiers. 19.The computer-implemented method of claim 16, wherein performingcontraband activity detection analysis triggers an alert if one senderis associated with several private postal mailings to multiple inmatesat a correctional facility, wherein the private postal mailings arereceived by a mail processing facility within a threshold timeframe. 20.A computer program product for processing postal mail that is sent to aninmate who is incarcerated in a correctional facility, wherein one ormore postal mail that is received at a mail processing system for thecorrection facility is marked as private by an identifier, the computerprogram product comprising a non-transitory computer readable storagemedium having instructions encoded thereon that, when executed by aprocessor, cause the processor to: automatically reject digitizationefforts on private postal mail that is marked as private by a privacystatus identifier, wherein the privacy status identifier is generated bya privacy verification system by: obtaining a request from a sender tosend private postal mail; obtaining sender provided data; verifying aprivacy status of the sender, wherein the privacy status is comprised ofa theoretical ability to send private postal mail to anyone, and whereinthe verification is comprised of independently verifying the senderprovided data with data available in one or more databases; andgenerating the privacy status identifier if the privacy status of thesender is verified.